Pass4Future also provide interactive practice exam software for preparing WGU Cybersecurity Architecture and Engineering (KFO1/D488) (WGU (KFO1/D488) Cybersecurity Architecture and Engineering) Exam effectively. You are welcome to explore sample free WGU (KFO1/D488) Cybersecurity Architecture and Engineering Exam questions below and also try WGU (KFO1/D488) Cybersecurity Architecture and Engineering Exam practice test software.
Do you know that you can access more real WGU Cybersecurity-Architecture-and-Engineering exam questions via Premium Access? ()
An organization's engineering team is developing a mobile application that uses near-field communication (NFC) capabilities but wants to ensure that information communicated using this protocol remains confidential.
Answer : D
The correct answer is D --- Encryption to prevent man-in-the-middle and eavesdropping attacks.
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that while NFC is inherently short-range, it is still vulnerable to eavesdropping and man-in-the-middle attacks. Applying encryption ensures that even if communication is intercepted, the data remains protected and confidential.
Kerberos (A) is primarily for authentication within internal networks. Bluetooth restrictions (B) are unrelated to NFC. PDM (C) restricts device usage but does not directly protect NFC communication.
Reference Extract from Study Guide:
'Encrypting near-field communication ensures confidentiality and protects against interception and manipulation through man-in-the-middle and eavesdropping attacks.'
--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Wireless and Mobile Security Concepts
A retail company wants to establish the frequency at which it needs to back up its critical data to ensure it can be restored in case of a disruption with the least amount of acceptable data loss.
What is the term used to describe this metric?
Answer : C
Recovery Point Objective (RPO)defines themaximum acceptable amount of data lossmeasured in time. It determines how often backups should occur to avoid losing critical business data.
NIST SP 800-34 Rev. 1:
''RPO represents the point in time prior to an outage to which systems and data must be restored to resume business operations.''
CDP is a method; RPO is thestrategic planning metric.
WGU Course Alignment:
Domain:Business Continuity and Disaster Recovery
Topic:Define RPO to support data resilience and backup planning
A government agency is planning a hybrid cloud deployment. Strict controls must be in place that can label classified data. The solution must ensure that access rights will be granted based on the user's government security classification.
Which type of access control should be used?
Answer : A
The correct answer is A --- Mandatory access control (MAC).
Per WGU Cybersecurity Architecture and Engineering (KFO1 / D488) coursework, MAC is a strict access control model where access to resources is based on information labels (such as classified, secret, top secret) and user clearances. Only administrators define and control the policy rules, and users cannot alter access settings, making it ideal for environments where classification labels determine access rights, such as government systems.
ABAC (B) focuses on attributes but is more dynamic rather than based purely on rigid classifications. DAC (C) gives data owners control over access permissions, unsuitable for classified government environments. RBAC (D) assigns permissions based on roles, but not necessarily aligned with security labels.
Reference Extract from Study Guide:
'Mandatory access control (MAC) enforces access policies based on fixed labels and security classifications, making it the preferred model for high-security environments like government agencies handling classified data.'
--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Access Control Models
=============================================
A company is concerned about advanced persistent threats and wants to implement a security solution that can detect any unusual actions. The company wants to analyze the actions and trends of users and entities to identify any potential security risks.
Which security technology meets the needs of the company?
Answer : A
The correct answer is A --- User and entity behavior analytics (UEBA).
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that UEBA tools analyze patterns of user and entity behavior to detect anomalies that could indicate insider threats, compromised accounts, or advanced persistent threats (APTs). UEBA focuses on deviations from normal activity patterns to identify risks that traditional signature-based systems might miss.
HSMs (B) protect cryptographic keys but do not monitor behavior. Antivirus tools (C) detect known malware but do not perform behavioral analytics. Two-factor authentication (D) secures access but does not detect unusual behavior patterns.
Reference Extract from Study Guide:
'User and entity behavior analytics (UEBA) identifies potential security threats by analyzing deviations from typical user and system activity patterns.'
--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Threat Detection Technologies
An employee needs to execute a program from the command line.
Which peripheral device should be used?
Answer : A
The employee needs to execute a program from the command line, which requires inputting commands into the computer.
The primary device for inputting commands is the keyboard.
Other options like the hard drive, speaker, and printer are not used for inputting commands.
The hard drive is used for data storage.
The speaker outputs sound.
The printer outputs documents.
Therefore, the correct peripheral device for this task is the keyboard.
'Computer Fundamentals' by Anita Goel, which discusses input devices and their uses.
'The Principles of Information Systems' by Ralph Stair and George Reynolds, which details peripheral devices and their functions.
