Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Courses and Certificates Questions and Answers

A system administrator is responsible for managing, installing, and maintaining an organization's computer systems and networks. This role involves configuring new hardware, setting up user accounts, troubleshooting system and network issues, and ensuring the systems run efficiently.

The correct answer is D — Review.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) describes that the review phase of the risk management cycle involves evaluating whether the implemented controls are effective over time. Conducting regular risk assessments after deployment falls under the review process.

Control (A) is about applying mitigations. Assess (B) happens earlier during initial evaluation. Identify (C) was done before applying the controls.

Reference Extract from Study Guide:

"Reviewing the effectiveness of risk control strategies through ongoing assessments ensures continuous improvement in risk management practices."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Review and Continuous Improvement

The correct answer is C — ChaCha.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, ChaCha is a stream cipher developed as a variant of Salsa20. It offers enhanced security, improved performance, and resistance to cryptographic attacks. It is often combined with Poly1305 forauthenticated encryption, commonly used in modern secure communications.

CTR (A) and CBC (B) are block cipher modes, not stream ciphers. ECB (D) is a block cipher mode and is insecure due to its lack of diffusion properties.

Reference Extract from Study Guide:

"ChaCha is a modern stream cipher, evolved from Salsa20, designed for speed and security, and often used alongside Poly1305 for authenticated encryption."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Encryption Technologies

=============================================

The correct answer is B — Access logs.

As outlined in the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, access logs record who accessed which system components, when they did so, and what changes they made. These logs are vital for creating an audit trail that can be reviewed to detect unauthorized changes to applications or systems.

NetFlow logs (A) track network traffic flows but not system or application changes. Packet capture logs (C) deal with network data but are not specialized for auditing application-level events. Router logs (D) capture network device activity, not application access information.

Reference Extract from Study Guide:

"Access logs maintain detailed records of user actions within systems and applications, providing the necessary audit trail for tracking authorized and unauthorized activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Log Management Concepts

=============================================

The correct answer is D — Implementing strong authentication mechanisms and encryption protocols to secure communication between the LDAP server and clients.

As outlined in WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, securing LDAP communication and strengthening authentication directly addresses vulnerabilities related to unauthorized access. Using encryption protocols such as LDAP over SSL (LDAPS) ensures that credentials and sensitive data are transmitted securely.

Security awareness training (A) helps against social engineering but does not secure the LDAP system itself. Backups (B) are a recovery measure, not a preventive one. IDPS (C) can detect attacks but does not directly secure the LDAP server against exploitation.

Reference Extract from Study Guide:

"Implementing strong authentication and encrypting communications for LDAP servers mitigates vulnerabilities by preventing unauthorized access and protecting sensitive information during transmission."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Secure Protocols and Services

AData Protection Impact Assessment (DPIA)is a formal process toassess the risks to personal data privacybefore implementing systems or technologies that handle personal data, especially under regulations likeGDPRor HIPAA.

NIST Privacy Framework v1.0 (Appendix D):

“A DPIA helps organizations systematically analyze, identify, and minimize the data protection risks of a project or plan involving personal information.”

While BCP and DR focus on operational resilience, DPIA isprivacy-focusedand risk-driven.

????WGU Course Alignment:

Domain:Risk Management and Privacy Engineering

Topic:Conduct privacy impact assessments for systems processing personal data

The correct answer is B — Secure Hash Algorithm 256 (SHA-256).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) outlines that SHA-256 is a cryptographic hash function used to verify data integrity. It generates a fixed-size hash value based on input data, and any alteration to the data results in a different hash, signaling tampering.

DES (A) and AES (C) are encryption algorithms for confidentiality. RSA (D) is used for encryption and digital signatures, not solely for ensuring integrity via hashing.

Reference Extract from Study Guide:

"SHA-256 is a widely adopted cryptographic hash function used to verify the integrity of digital data and detect unauthorized modifications."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Cryptographic Hash Functions and Data Integrity

=============================================

SIEM systemsconsolidate logs and events from across the enterprise and apply behavior analysis and correlation rules to detect suspicious activity, including lateral movement, brute force, and privilege escalation.

NIST SP 800-137 (Information Security Continuous Monitoring for Federal Information Systems and Organizations):

“SIEM solutions provide security teams with insight into potentially malicious activity and enable proactive incident detection and response.”

????WGU Course Alignment:

Domain:Security Operations and Monitoring

Topic:Utilize SIEM for real-time user behavior analysis

Desktops typically have more memory (RAM) and internal storage (hard drives or SSDs) compared to handheld computers. This allows desktops to handle more intensive computingtasks and store larger amounts of data. Handheld devices, on the other hand, prioritize portability and battery life over high storage and memory capacity.

The correct answer is C — Common Vulnerabilities and Exposures (CVE).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) highlights that the CVE database provides information about publicly disclosed cybersecurity vulnerabilities in software, including open-source libraries. By consulting the CVE list, the security team can assess whether the open-source libraries have known vulnerabilities before approving their use.

Agile (A) and Waterfall (B) are software development methodologies, not vulnerability databases. Continuous delivery (D) refers to automated software deployment and not vulnerability assessment.

Reference Extract from Study Guide:

"The Common Vulnerabilities and Exposures (CVE) database provides standardized information on publicly known cybersecurity vulnerabilities, enabling risk assessment of software components."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Vulnerability Management Concepts

=============================================