Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Cybersecurity Architecture and Engineering (KFO1/D488)

The correct answer is A — Unsecured wireless access points.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that unauthorized logins to a WLAN often indicate poorly secured wireless access points, such as those lacking strong encryption (e.g., WPA2/WPA3), not using strong passwords, or having open accesswithout authentication. This vulnerability can allow attackers to access internal systems and sensitive data.

Up-to-date anti-malware software (B), a strong password policy (C), and regular security training (D) are good security practices but do not directly explain unauthorized WLAN access.

Reference Extract from Study Guide:

"Unauthorized wireless access often results from unsecured wireless configurations, including weak encryption, open networks, or default credentials, posing significant risks to organizational assets."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Wireless Security Concepts

=============================================

Private Information Retrieval (PIR)allows a user to retrieve data from a server without revealingwhich datais being requested. It’s aprivacy-preserving protocolprimarily used in secure databases and web applications.

ACM Computing Surveys – Private Information Retrieval:

“PIR enables users to query a database without disclosing the identity of the item being retrieved, maintaining the user’s privacy.”

Homomorphic encryption protects data during processing, while PIR protectsaccess patterns.

🔹WGU Course Alignment:

Domain:Cryptography and Privacy Engineering

Topic:Apply PIR techniques for private querying in databases

The correct answer is B — Advanced Encryption Standard (AES).

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), AES is a widely adopted symmetric encryption standard that ensures the confidentiality and integrity of sensitive data, including patient health information, which HIPAA mandates to protect. AES is considered highly secure and efficient for encrypting stored or transmitted healthcare data.

WEP (A) is outdated and insecure. SMTP (C) is a protocol for sending emails, not encryption. RSA (D) is an asymmetric encryption method typically used for key exchanges, not bulk data encryption.

Reference Extract from Study Guide:

"Advanced Encryption Standard (AES) is recommended for encrypting sensitive healthcare data, providing strong protection for confidentiality and integrity in HIPAA-regulated environments."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Encryption Standards and Regulatory Compliance

=============================================

The correct answer is D — Mission essential functions (MEFs).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) specifies that mission essential functions (MEFs) are those activities that must be maintained or resumed quickly during or after a disruption to ensure continuity of critical operations, particularly for government agencies.

BCP (A) is the plan itself. DR (B) focuses on IT and system recovery. RPO (C) measures acceptable data loss but does not define critical services.

Reference Extract from Study Guide:

"Mission essential functions (MEFs) are critical activities that must be performed continuously or resumed quickly after disruption to support business or agency operations."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Continuity of Operations Planning

=============================================

The correct answer is B — Compare the unknown address to known IP addresses to determine if it is a threat.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), proper threat analysis requires identifying and verifying whether an unknown source is malicious before taking action. Comparing the IP address against known threat databases or intelligence feeds allows the organization to make informed decisions.

Permanently blocking (A) or temporarily blocking (C) without analysis could cause disruption if the IP is legitimate. Rate limiting (D) reduces traffic but does not determine threat status.

Reference Extract from Study Guide:

"Effective incident analysis begins by verifying and classifying the suspicious activity, including checking unknown IP addresses against threat intelligence sources."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Threat Analysis and IncidentHandling

=============================================

The correct answer is C — ChaCha.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, ChaCha is a stream cipher developed as a variant of Salsa20. It offers enhanced security, improved performance, and resistance to cryptographic attacks. It is often combined with Poly1305 forauthenticated encryption, commonly used in modern secure communications.

CTR (A) and CBC (B) are block cipher modes, not stream ciphers. ECB (D) is a block cipher mode and is insecure due to its lack of diffusion properties.

Reference Extract from Study Guide:

"ChaCha is a modern stream cipher, evolved from Salsa20, designed for speed and security, and often used alongside Poly1305 for authenticated encryption."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Encryption Technologies

=============================================

The correct answer is C — Integration testing.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), integration testing verifies that different modules or components of an application work together as intended.This type of testing is essential after deployment to ensure the overall system functions correctly across all tiers (e.g., web, application, and database layers).

Static code analysis (A) examines source code without execution. Dynamic code analysis (B) tests running code for vulnerabilities but not necessarily component interaction. Package scanning (D) reviews third-party libraries for vulnerabilities but does not test integration.

Reference Extract from Study Guide:

"Integration testing verifies that multiple components of an application function correctly when combined, ensuring end-to-end system reliability post-deployment."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Secure Software Development and Testing

The correct answer is C — Implementation of secure user authentication protocols.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) emphasizes that secure authentication mechanisms, like strong passwords, multifactor authentication, and session management, prevent unauthorized access and impersonation, thus helping prevent cheating inlearning platforms.

Firewall policies (A) and disabling Bluetooth (B) harden systems but do not directly address authentication. Software updates (D) protect against system vulnerabilities but not user integrity.

Reference Extract from Study Guide:

"Secure authentication protocols ensure that users accessing learning management systems are properly verified, reducing risks of impersonation and cheating."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Secure Access Control and Identity Verification

=============================================