Cybersecurity Architecture and Engineering Exam | Questions and Answers Rated A+ | 2025/2026 Guide
An IT team is preparing the network for a hybrid cloud deployment. A
security analyst recently discovered that the firmware of a router in the core
data center has been compromised. According to the analyst, the attack
occurred over a year ago without being detected. Which type of threat actor
is the most likely cause of the attack?
Advanced persistent threat
Competitor
Hacktivist
Novice hacker
-Correct Answer- Advanced persistent threat
The security operations center (SOC) team just received a notification that
multiple vulnerabilities are present in the codebase of a corporate
application. Which threat type is most likely in this scenario?
Advanced persistent threat
Insider threat
Organized crime
Supply chain
-Correct Answer- Supply chain
The security operations center (SOC) team for a global company is
planning an initiative to defend against security breaches. Leadership
wants the team to monitor for threats against the organization's data,
credentials, and brand reputation by scanning networks that cannot be
accessed via search engines. Which type of network should be scanned
based on the requirements?
Wireless fidelity
Deep web
Intranet
Supervisory control and data acquisition
-Correct Answer- Deep web
An electric power and water utility company has recently added a
cybersecurity division. The security operations center (SOC) team has
been tasked with leveraging an investigative framework that can accurately
assess the motives, means, and opportunities associated with common
security attacks. Which framework should be implemented?
National Institute of Standards and Technology (NIST)
Diamond Model of Intrusion Analysis
Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for
industrial control systems (ICS)
Cyber kill chain
-Correct Answer- Adversarial Tactics, Techniques, and Common Knowledge
(ATT&CK) for industrial control systems (ICS)
A company operates a customer service call center with over one hundred
agents taking inbound sales calls. After a recent security breach, the
security team believes that one or more agents have been stealing
customer credit card details. Which solution will defend against this issue?
Security information and event management (SIEM)
File integrity monitoring (FIM)
Data loss prevention (DLP)
Intrusion detection system (IDS)
-Correct Answer- Data loss prevention (DLP)
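The call-center scenario above is what a DLP content rule is built for: inspect what agents send out (email, chat, removable media) for primary account numbers (PANs) and alert on the agent, not just the message. The following is an added example, not code from the original page or from any DLP product. It shows the two checks a practitioner would want in such a rule: a digit-pattern match for 13 to 19 digit numbers with optional separators, and a Luhn check so that order numbers and other long digit strings do not trigger false positives. The agent IDs, channels and event texts are constructed sample data, and the helper names (`find_pans`, `scan_events`, `agents_over_threshold`) are this example's own.

```python
import re
from collections import Counter

# Constructed sample of outbound agent activity (not from the original page).
# Only two of these events carry a real (Luhn-valid) card number.
SAMPLE_EVENTS = [
    {"agent": "agent-017", "channel": "email",
     "text": "Customer asked to save card 4111 1111 1111 1111 exp 09/27 for next order"},
    {"agent": "agent-042", "channel": "chat",
     "text": "Order ref 1234567890123456 shipped, tracking to follow"},
    {"agent": "agent-017", "channel": "usb",
     "text": "cards.txt: 5555-5555-5555-4444, 4111111111111112"},
    {"agent": "agent-088", "channel": "chat",
     "text": "Call back at 555-867-5309 tomorrow"},
]

# 13 to 19 digits, optionally separated by spaces or hyphens, not embedded in a
# longer digit run. Phone numbers (10 digits) never reach the Luhn stage.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: every second digit from the right is doubled (minus 9 if >9)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """Keep first 6 and last 4 digits so the alert itself does not leak the PAN."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def find_pans(text: str) -> list:
    """Return the Luhn-valid card numbers found in a piece of text (digits only)."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits


def scan_events(events: list) -> list:
    """Run the PAN rule over each outbound event; one finding per event with hits."""
    findings = []
    for ev in events:
        pans = find_pans(ev["text"])
        if pans:
            findings.append({
                "agent": ev["agent"],
                "channel": ev["channel"],
                "masked": [mask_pan(p) for p in pans],
            })
    return findings


def agents_over_threshold(findings: list, limit: int) -> set:
    """Agents whose PAN findings reach `limit`; this is the alert the SOC acts on."""
    counts = Counter(f["agent"] for f in findings)
    return {agent for agent, n in counts.items() if n >= limit}


if __name__ == "__main__":
    results = scan_events(SAMPLE_EVENTS)
    for f in results:
        print(f"{f['agent']} via {f['channel']}: {', '.join(f['masked'])}")
    print("agents to escalate:", sorted(agents_over_threshold(results, 2)))
```

Order reference `1234567890123456` is a 16-digit string that fails the Luhn check, so it is dropped; `4111111111111112` is a valid card number with one digit altered, so it fails too. Only `agent-017` accumulates enough findings to cross the per-agent threshold. A production rule would add keyword context (expiry dates, CVV, cardholder names) and watch the clipboard and screen capture paths as well, but the pattern-plus-checksum core is the same.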
The security team has noticed that several endpoints on the network have
been infected with malware. Leadership has tasked the security team with
identifying these attacks in the future. Which solution will notify the team
automatically in the event of future malware variants invading the network?
Security information and event management (SIEM) alerts
Data loss prevention (DLP) alerts
Syslog alerts
Antivirus alerts
-Correct Answer- Antivirus alerts
An engineer has noticed a degradation in system performance and alerts
regarding high central processing unit (CPU) usage on multiple virtual
machines in the environment. Further investigation shows that several
unknown processes are running on the affected systems. What is the
explanation for the degradation in system performance and alerts regarding
high central processing unit (CPU) usage?
Outdated anti-malware signatures