Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Courses and Certificates Questions and Answers

The development of scope creep is often signaled by the addition of many unplanned features to the original project. This indicates that the project scope is expanding beyond its initial boundaries. Key indicators include:

Uncontrolled changesto the project scope.

Continuous new requestsfrom stakeholders that were not part of the original requirements.

Increased project complexityand difficulty in managing the project timeline and resources.

Scope creep can lead to delays, budget overruns, and project failure if not managed properly.

References

Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK Guide)," PMI.

Harold Kerzner, "Project Management: A Systems Approach to Planning, Scheduling, and Controlling," Wiley.

DNSSEC (Domain Name System Security Extensions)is a security protocol that adds cryptographic validation to DNS responses, making it nearly impossible for attackers to spoof DNS responses or redirect users to malicious sites.

NIST SP 800-81 Rev. 2 (Secure Domain Name System (DNS) Deployment Guide):

“DNSSEC provides data origin authentication and data integrity to DNS responses using digital signatures, effectively mitigating spoofing and cache poisoning attacks.”

While patching and awareness are important, DNSSECdirectly mitigatesthe technical risk described.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Implement DNS hardening techniques such as DNSSEC

Logging and monitoringendpoint activity enables early detection of unauthorized access, suspicious file changes, or user behavior anomalies that may indicate an insider threat or external breach.

NIST SP 800-137 (Information Security Continuous Monitoring):

“Endpoint logging and behavior monitoring are essential for detecting unauthorized access to sensitive information, especially in healthcare environments governed by HIPAA.”

This control supportsreal-time alerting,incident response, andcompliance auditingfor patient data (ePHI).

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Implement endpoint monitoring and logging for healthcare compliance (e.g., HIPAA)

Tabletop exercisessimulate emergency scenarios in alow-risk, discussion-based format, allowing teams to walk through recovery procedures and decision-making without disrupting actual business operations.

NIST SP 800-84 (Guide to Test, Training, and Exercise Programs):

“Tabletop exercises are effective tools for validating plans and procedures in a discussion format without impacting normal operations.”

Full interruption tests are disruptive; checklists and walkthroughs offer lower fidelity evaluations.

????WGU Course Alignment:

Domain:Business Continuity and Disaster Recovery

Topic:Test disaster plans using low-impact simulation techniques

Obfuscating error messagesprevents attackers from receiving technical details (e.g., software version, file paths, or database errors) that they can use for exploitation. This is part ofsecure codinganderror handlingpractices.

OWASP Secure Coding Practices – Error Handling and Logging:

“Applications should not disclose detailed error messages to users. Instead, provide generic messages to prevent leakage of system or application details.”

HTTPS secures transport, but doesn't addressinformation disclosurevia error output.

????WGU Course Alignment:

Domain:Information Systems and Architecture

Topic:Implement secure design practices (e.g., error handling, obfuscation)

The correct answer is B — Asymmetric encryption.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), asymmetric encryption uses a pair of public and private keys, allowing the sender to encrypt the documents with the recipient’s public key, ensuring that only the recipient’s private key can decrypt them. This guarantees confidentiality even over an unsecured network.

Stream ciphers (A) and block ciphers (C) are types of symmetric encryption, requiring a shared secret key. Hash functions (D) provide integrity, not confidentiality.

Reference Extract from Study Guide:

"Asymmetric encryption enables secure data exchange by allowing encryption with a public key and decryption only with a corresponding private key, ensuring confidentiality over unsecured networks."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Cryptographic Methods and Key Management

=============================================

The correct answer is D — Security information and event management (SIEM).

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), a SIEM collects and correlates event data from multiple sources (such as cloud and on-premisesenvironments) in real-time. It provides centralized visibility, analysis, and alerting, which is critical in hybrid cloud deployments.

File integrity monitoring (A) watches for unauthorized file changes, not event correlation. DLP (B) protects sensitive data but does not correlate events. IDS (C) detects network intrusions but does not combine event data centrally.

Reference Extract from Study Guide:

"Security information and event management (SIEM) systems collect, normalize, correlate, andanalyze security event data from multiple sources, providing centralized monitoring and alerting."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Security Monitoring and Event Management

=============================================

The correct answer is C — Implementing local drive encryption on employee laptops.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that encryption protects sensitive data at rest, ensuring that if a laptop is lost or stolen, the data remains unreadable without the decryption key. This control directly addresses the protection of sensitive customer data.

Restricting software installation (A) is a good security practice but does not specifically protect stored sensitive data. Biometric authentication (B) strengthens authentication but does not encrypt data. Awareness training (D) helps users behave securely but does not technically protect the data itself.

Reference Extract from Study Guide:

"Local drive encryption protects sensitive data stored on mobile devices such as laptops, ensuring confidentiality even if the device is lost or stolen."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Endpoint Security and Device Hardening

=============================================

Wireless Intrusion Prevention Systems (WIPS)are specifically designed to monitor wireless networks and prevent rogue access points, MITM attacks, and wireless eavesdropping. Unlike Layer 3 switches or SIEM tools, WIPS directly addresses wireless threat vectors.

NIST SP 800-153 (Guidelines for Securing Wireless Local Area Networks):

“WIPS technologies help detect and prevent unauthorized wireless access points and attacks such as evil twin and man-in-the-middle attempts.”

????WGU Course Alignment:

Domain:Network Security

Topic:Implement wireless network protections (e.g., WIPS)

The correct answer is D — Upgrade the remaining end-of-life machines.

As outlined in WGU Cybersecurity Architecture and Engineering (KFO1 / D488), the best way to address end-of-life systems is to upgrade them to supported versions. End-of-life systems no longer receive security patches, leaving them highly vulnerable. Upgrading restores security and compliance.

Shutting down (A), disconnecting (B), or blocking (C) are temporary solutions that may disrupt operations but do not solve the root problem.

Reference Extract from Study Guide:

"Upgrading end-of-life systems is critical to restoring security and compliance, as unsupported systems are vulnerable to exploitation."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Vulnerability Management and Remediation

=============================================