D488 Cybersecurity Architecture and Engineering Exam 1 Version 1 | Questions with
Correct Answers and Expert Explanation for Each Question | WGU
1. Which component of the CIA triad is primarily concerned with ensuring that data
has not been modified by unauthorized users?
A. Confidentiality
B. Non-repudiation
C. Availability
D. Integrity
Correct Answer: D
Expert Explanation: Integrity ensures that information and programs are changed
only in a specified and authorized manner. This concept protects data from being
tampered with or altered by unauthorized parties, whether at rest or in transit.
Mechanisms such as cryptographic hashes (compared against a trusted reference, or
keyed as a MAC) and digital signatures are commonly used to detect unauthorized
changes; note that a bare hash stored beside the data offers no protection against
an attacker who can simply recompute it. Confidentiality focuses on secrecy, while
availability focuses on timely access to systems and data. Non-repudiation is a
related property but is not one of the three components of the triad, which is why
option B is a distractor. Maintaining data accuracy and completeness is the core
objective of the integrity principle in cybersecurity.
2. In risk management, which strategy involves moving the financial impact of a
potential loss to a third party?
A. Risk Transference
B. Risk Mitigation
C. Risk Acceptance
D. Risk Avoidance
Correct Answer: A
Expert Explanation: Risk transference involves shifting the burden of loss or
responsibility for a risk to another party. A common example of this strategy is
purchasing cybersecurity insurance to cover potential financial damages; outsourcing
a function under a contract that assigns liability is another. It does not
eliminate the risk itself but changes who bears the consequences. Avoidance seeks
to eliminate the activity causing the risk, mitigation aims to reduce the risk's
likelihood or impact, and acceptance means knowingly retaining the risk because its
expected cost falls within the organization's tolerance. Organizations choose
transference when they cannot cost-effectively manage the risk internally.
3. Which STRIDE category refers to an attacker gaining unauthorized access to a
system by pretending to be a legitimate user?
A. Information Disclosure
B. Tampering
C. Repudiation
D. Spoofing
Correct Answer: D
Expert Explanation: Spoofing occurs when a person or program successfully
identifies as another by falsifying data. This threat directly targets the
authentication process within a system or network, so the corresponding
countermeasure is stronger authentication: multi-factor credentials, mutual TLS,
or messages protected by a signature or keyed MAC that the impersonator cannot
produce. Examples include IP spoofing, email spoofing, or using stolen credentials
to log in. Tampering involves unauthorized modification, whereas repudiation
involves denying that an action took place. Identifying where a component trusts
an unverified identity claim is a critical step in the threat modeling process.
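The integrity discussion in question 1 and the spoofing discussion in question 3 both come down to one receiver-side check. The following is an added example, not material from the exam or from WGU, written to make both points concrete with the Python standard library only. It models a receiver that holds a shared secret per legitimate sender (the key names, key values and the order payload are constructed for illustration). It first shows why a bare SHA-256 digest stored beside the data does not stop tampering (the attacker recomputes it), then shows an HMAC that binds both the payload and the claimed sender, so neither an edited payload (tampering) nor a message relabelled as "alice" or tagged with the wrong key (spoofing) is accepted.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed sample keys: the receiver is assumed to already hold each
# legitimate sender's secret, shared out of band. Names and values are
# illustrative, not real credentials.
SENDER_KEYS = {
    "alice": b"alice-shared-secret-0001",
    "bob": b"bob-shared-secret-0002",
}


def canonical(payload: dict) -> bytes:
    """Deterministic encoding so sender and receiver hash exactly the same bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def authenticated_bytes(sender: str, payload: dict) -> bytes:
    """Bind the claimed sender into the tag so the 'from' field cannot be swapped."""
    return sender.encode() + b"\x00" + canonical(payload)


# --- Bare hash: catches accidental corruption, not deliberate tampering -------

def hash_only_message(sender: str, payload: dict) -> dict:
    digest = hashlib.sha256(canonical(payload)).hexdigest()
    return {"from": sender, "payload": payload, "sha256": digest}


def verify_hash_only(msg: dict) -> bool:
    expected = hashlib.sha256(canonical(msg["payload"])).hexdigest()
    return hmac.compare_digest(expected, msg["sha256"])


# --- Keyed MAC: the tag depends on a secret the attacker does not hold --------

def mac_message(sender: str, payload: dict, key: Optional[bytes] = None) -> dict:
    """Tag with the sender's key; an explicit key is used below to model an attacker."""
    key = SENDER_KEYS[sender] if key is None else key
    tag = hmac.new(key, authenticated_bytes(sender, payload), hashlib.sha256).hexdigest()
    return {"from": sender, "payload": payload, "tag": tag}


def verify_mac(msg: dict) -> bool:
    key = SENDER_KEYS.get(msg["from"])
    if key is None:                      # unknown or unregistered sender
        return False
    expected = hmac.new(key, authenticated_bytes(msg["from"], msg["payload"]),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, msg["tag"])   # constant-time comparison


def run_scenarios() -> dict:
    """Constructed attacks against both schemes; True means the receiver accepted."""
    order = {"to": "ACME", "amount": 100}
    results = {}

    # Tampering against the bare hash: edit the payload, recompute the digest,
    # and the check still passes.
    m = hash_only_message("alice", order)
    m["payload"] = {"to": "MALLORY", "amount": 100000}
    m["sha256"] = hashlib.sha256(canonical(m["payload"])).hexdigest()
    results["hash_tamper_recompute"] = verify_hash_only(m)

    # Tampering against the MAC: payload edited, old tag no longer matches.
    m = mac_message("alice", order)
    m["payload"] = {"to": "MALLORY", "amount": 100000}
    results["mac_tamper"] = verify_mac(m)

    # Spoofing: attacker claims to be alice but can only tag with a guessed key.
    forged = mac_message("alice", order, key=b"mallory-guess")
    results["mac_spoof_wrong_key"] = verify_mac(forged)

    # Spoofing by relabelling: bob's genuine message with 'from' changed to alice.
    relabelled = mac_message("bob", order)
    relabelled["from"] = "alice"
    results["mac_spoof_relabel"] = verify_mac(relabelled)

    # The genuine message still verifies.
    results["mac_genuine"] = verify_mac(mac_message("alice", order))
    return results


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:24s} accepted={accepted}")
```

A shared secret is enough to show the mechanism, but it only gives origin assurance between the two key holders; where a third party must later prove who sent a message (non-repudiation), a digital signature with a per-sender private key replaces the HMAC and the verification logic stays the same shape.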
4. A security professional implements a firewall to block unauthorized traffic. What
type of security control is this?
A. Technical Control
B. Physical Control
C. Administrative Control
D. Deterrent Control
Correct Answer: A
Expert Explanation: Technical controls, also known as logical controls, use
technology to protect assets and systems. Firewalls, encryption, and intrusion
detection systems are primary examples of these hardware or software-based
protections. They function by enforcing security rules automatically, without
direct human intervention, on every packet or request they see. Administrative
controls involve policies and procedures, while physical controls protect the
actual environment. A deterrent control, such as a warning banner or a visible
camera, discourages an attacker rather than blocking traffic, so option D does not
fit; classified by function instead of by implementation, the same firewall would
be called a preventive control. Using technical controls is a standard method for
securing network perimeters.
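To show what "enforcing security rules automatically" means in practice, here is an added example (not part of the exam material, and not any real firewall's API) of the first-match evaluation that packet-filtering firewalls use, written in Python with the standard library. The `Rule` and `Packet` types, the addresses and ports are constructed for illustration. It also demonstrates the most common operational mistake with this kind of control: a broad deny placed above a narrower allow shadows it, so the administrators' SSH access silently stops working even though every rule looks correct on its own.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical rule and packet structures for a stateless packet filter.


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    proto: str                   # "tcp", "udp", "icmp" or "any"
    src: str                     # source network in CIDR form
    dport: Optional[int] = None  # destination port, None means any
    dst: str = "0.0.0.0/0"       # destination network in CIDR form
    comment: str = ""


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def matches(rule: Rule, pkt: Packet) -> bool:
    """True if every field of the rule that is constrained matches the packet."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src, strict=False):
        return False
    return ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst, strict=False)


def evaluate(ruleset: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; anything unmatched hits the implicit default deny."""
    for rule in ruleset:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed ruleset: SSH only from the management network, HTTPS from
# anywhere, everything else dropped by the implicit default deny.
GOOD_RULES = [
    Rule("allow", "tcp", "10.10.0.0/24", 22, comment="ssh from mgmt net only"),
    Rule("deny", "tcp", "0.0.0.0/0", 22, comment="block ssh from everywhere else"),
    Rule("allow", "tcp", "0.0.0.0/0", 443, comment="public https"),
]

# Same three rules, but the broad SSH deny is listed before the management
# allow. Under first-match evaluation the allow is shadowed and never fires.
MISORDERED_RULES = [GOOD_RULES[1], GOOD_RULES[0], GOOD_RULES[2]]

# Constructed traffic sample (documentation-range addresses).
SAMPLE = {
    "admin_ssh": Packet("tcp", "10.10.0.5", "203.0.113.10", 22),
    "internet_ssh": Packet("tcp", "198.51.100.7", "203.0.113.10", 22),
    "internet_https": Packet("tcp", "198.51.100.7", "203.0.113.10", 443),
    "internet_rdp": Packet("tcp", "198.51.100.7", "203.0.113.10", 3389),
    "ping": Packet("icmp", "198.51.100.7", "203.0.113.10"),
}


def decisions(ruleset: List[Rule]) -> dict:
    """Map each sample flow name to the action the ruleset would take."""
    return {name: evaluate(ruleset, pkt) for name, pkt in SAMPLE.items()}


def shadowed_rules(ruleset: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier, broader rule
    with the same protocol and port covers their whole source range."""
    shadowed = []
    for i, later in enumerate(ruleset):
        for earlier in ruleset[:i]:
            same_match = (earlier.proto in ("any", later.proto)
                          and earlier.dport in (None, later.dport))
            covers = ipaddress.ip_network(later.src, strict=False).subnet_of(
                ipaddress.ip_network(earlier.src, strict=False))
            if same_match and covers:
                shadowed.append(i)
                break
    return shadowed


if __name__ == "__main__":
    for label, rules in (("good", GOOD_RULES), ("misordered", MISORDERED_RULES)):
        print(label, decisions(rules), "shadowed:", shadowed_rules(rules))
```

The `shadowed_rules` check is the kind of static review a practitioner runs on a ruleset before deploying it, since a misordered rule produces no error at load time and only shows up as an outage or an exposure later.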
5. Which document provides high-level statements of management intent regarding
security within an organization?
A. Policy
B. Standard
C. Guideline
D. Procedure
Correct Answer: A
Expert Explanation: Security policies are the foundational documents that outline
an organization's security goals and expectations at a high level. They are
mandatory and set the direction for all subsequent security activities and
compliance efforts. Procedures provide step-by-step instructions for carrying out a
task, whereas standards define specific, mandatory technical requirements that
implement the policy. Guidelines offer recommended practices and, unlike policies
and standards, are generally not mandatory. Establishing clear policies is
essential for effective security governance and management.