D488 | D488 Cybersecurity Architecture and
Engineering Exam 1 Version 3 | Questions with
Correct Answers and Expert Explanation for Each
Question | WGU
1. Which type of social engineering attack specifically targets high-ranking executives
within an organization to steal sensitive data?
A. Vishing
B. Whaling
C. Smishing
D. Pharming
Correct Answer: B
Expert Explanation: Whaling is a highly targeted form of phishing aimed at senior
executives and high-profile individuals. These attackers often conduct extensive
research to make their fraudulent communications appear authentic. The goal is
typically to gain access to corporate secrets or authorize large financial transfers.
Because of the status of the targets, these attacks can cause significant
organizational damage. Training and strict verification protocols are necessary to
mitigate this specific threat.
,2. Which type of malware is designed to encrypt a user’s files and demand payment
for the decryption key?
A. Spyware
B. Adware
C. Ransomware
D. Rootkit
Correct Answer: C
Expert Explanation: Ransomware is a malicious software that locks or encrypts
data until a ransom is paid. It often spreads through phishing emails or unpatched
software vulnerabilities in the network. Organizations must maintain offline
backups to recover data without paying the attackers. This threat has become more
sophisticated with the introduction of double extortion tactics. Effective endpoint
protection and user education are critical components of a defense strategy.
3. What is the primary purpose of a ‘Zero-day’ exploit in the context of cybersecurity?
A. To patch a known vulnerability in less than 24 hours
B. To simulate an attack during a scheduled maintenance window
C. To perform a brute-force attack on a legacy system
D. To target a vulnerability that is unknown to the software vendor
,Correct Answer: D
Expert Explanation: A zero-day exploit targets a software vulnerability that has not
yet been identified or patched by the developer. Because the flaw is unknown, there
are no immediate defenses available to stop the attack. Attackers value these
exploits because they offer a high probability of success against many targets.
Security teams must rely on behavioral analysis and intrusion detection systems to
identify such activities. Rapid response and patch management become vital once
the vulnerability is publicly disclosed.
4. In penetration testing, which methodology provides the tester with full knowledge
of the target’s infrastructure and source code?
A. White Box
B. Gray Box
C. Black Box
D. Red Teaming
Correct Answer: A
Expert Explanation: White box testing involves sharing comprehensive details
about the target environment with the security professional. This approach allows
for a very deep and thorough assessment of the internal logic and code. It is often
used to identify complex vulnerabilities that might be missed in blind testing. While
, it does not simulate a real-world external attacker, it provides the highest level of
assurance. This method is particularly effective for reviewing security architecture
and design flaws.
5. Which metric is used in quantitative risk analysis to represent the expected annual
financial loss from a specific threat?
A. Single Loss Expectancy (SLE)
B. Annual Loss Expectancy (ALE)
C. Annual Rate of Occurrence (ARO)
D. Exposure Factor (EF)
Correct Answer: B
Expert Explanation: The Annual Loss Expectancy (ALE) is calculated by
multiplying the Single Loss Expectancy by the Annual Rate of Occurrence. This
metric helps organizations prioritize security investments by quantifying the
potential financial impact of risks. It allows for a direct comparison between the cost
of a safeguard and the risk it mitigates. Decision-makers use these figures to
determine which risks to accept, transfer, or avoid. Accurate data collection is
required to make these mathematical models reliable for business planning.
Engineering Exam 1 Version 3 | Questions with
Correct Answers and Expert Explanation for Each
Question | WGU
1. Which type of social engineering attack specifically targets high-ranking executives
within an organization to steal sensitive data?
A. Vishing
B. Whaling
C. Smishing
D. Pharming
Correct Answer: B
Expert Explanation: Whaling is a highly targeted form of phishing aimed at senior
executives and high-profile individuals. These attackers often conduct extensive
research to make their fraudulent communications appear authentic. The goal is
typically to gain access to corporate secrets or authorize large financial transfers.
Because of the status of the targets, these attacks can cause significant
organizational damage. Training and strict verification protocols are necessary to
mitigate this specific threat.
,2. Which type of malware is designed to encrypt a user’s files and demand payment
for the decryption key?
A. Spyware
B. Adware
C. Ransomware
D. Rootkit
Correct Answer: C
Expert Explanation: Ransomware is a malicious software that locks or encrypts
data until a ransom is paid. It often spreads through phishing emails or unpatched
software vulnerabilities in the network. Organizations must maintain offline
backups to recover data without paying the attackers. This threat has become more
sophisticated with the introduction of double extortion tactics. Effective endpoint
protection and user education are critical components of a defense strategy.
3. What is the primary purpose of a ‘Zero-day’ exploit in the context of cybersecurity?
A. To patch a known vulnerability in less than 24 hours
B. To simulate an attack during a scheduled maintenance window
C. To perform a brute-force attack on a legacy system
D. To target a vulnerability that is unknown to the software vendor
,Correct Answer: D
Expert Explanation: A zero-day exploit targets a software vulnerability that has not
yet been identified or patched by the developer. Because the flaw is unknown, there
are no immediate defenses available to stop the attack. Attackers value these
exploits because they offer a high probability of success against many targets.
Security teams must rely on behavioral analysis and intrusion detection systems to
identify such activities. Rapid response and patch management become vital once
the vulnerability is publicly disclosed.
4. In penetration testing, which methodology provides the tester with full knowledge
of the target’s infrastructure and source code?
A. White Box
B. Gray Box
C. Black Box
D. Red Teaming
Correct Answer: A
Expert Explanation: White box testing involves sharing comprehensive details
about the target environment with the security professional. This approach allows
for a very deep and thorough assessment of the internal logic and code. It is often
used to identify complex vulnerabilities that might be missed in blind testing. While
, it does not simulate a real-world external attacker, it provides the highest level of
assurance. This method is particularly effective for reviewing security architecture
and design flaws.
5. Which metric is used in quantitative risk analysis to represent the expected annual
financial loss from a specific threat?
A. Single Loss Expectancy (SLE)
B. Annual Loss Expectancy (ALE)
C. Annual Rate of Occurrence (ARO)
D. Exposure Factor (EF)
Correct Answer: B
Expert Explanation: The Annual Loss Expectancy (ALE) is calculated by
multiplying the Single Loss Expectancy by the Annual Rate of Occurrence. This
metric helps organizations prioritize security investments by quantifying the
potential financial impact of risks. It allows for a direct comparison between the cost
of a safeguard and the risk it mitigates. Decision-makers use these figures to
determine which risks to accept, transfer, or avoid. Accurate data collection is
required to make these mathematical models reliable for business planning.
