Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Cybersecurity Architecture and Engineering (KFO1/D488)

The correct answer is D — Implementation of licensing technologies in order to restrict unauthorized access to the system.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), using licensing technologies helps prevent software piracy by ensuring that only authorized users with valid licenses can access and operate the system. License management solutions validate user access and reduce unauthorized duplication or usage of proprietary software.

Disabling external devices (A) protects against physical data theft but not piracy. Encrypting patient data (B) protects confidentiality but not against software piracy. Virus scanning (C) detects malware, not unauthorized software copying.

Reference Extract from Study Guide:

"Licensing technologies enforce legal software use and prevent unauthorized access, helping organizations protect intellectual property and defeat piracy efforts."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Software and Intellectual Property Protection

=============================================

The correct answer is D — Packet capture.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) content, packet captures (PCAP files) allow analysts to inspect individual network packets to understand traffic patterns, detect anomalies, and investigate attacks like DDoS. A packet capture provides complete network session data, enabling in-depth analysis of traffic behavior at the packet level.

Web server access logs (A) only capture web activity. Syslog messages (B) primarily record system events but not raw traffic data. Operating system event logs (C) focus on system-level actions, not network flows.

Reference Extract from Study Guide:

"Packet captures record the full network traffic and are essential for investigating network-based attacks such as DDoS incidents by analyzing traffic flows, protocols, and payloads."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Network Security Monitoring Concepts

=============================================

Recovery Point Objective (RPO)defines themaximum acceptable amount of data lossmeasured in time. It determines how often backups should occur to avoid losing critical business data.

NIST SP 800-34 Rev. 1:

“RPO represents the point in time prior to an outage to which systems and data must be restored to resume business operations.”

CDP is a method; RPO is thestrategic planning metric.

🔹WGU Course Alignment:

Domain:Business Continuity and Disaster Recovery

Topic:Define RPO to support data resilience and backup planning

AnEnd User License Agreement (EULA)is a legal contract between the software manufacturer and the user.

The primary purpose of a EULA is togrant the user the right to use the software.

It outlines the terms and conditions under which the software can be used.

This can include restrictions on installation, distribution, and modification.

The EULA helps protect the intellectual property rights of the software creator.

A floating-point data type is used for numerical calculations that require a decimal point, such as percentages. In this case, to calculate 90% of the retail price of an item, a floating-point data type is necessary because it can represent both the whole number and the fractional part of the number, allowing for precise calculations.

The correct answer is C — Competitor.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), competitors often attempt to steal intellectual property to gain a business advantage. Given the theft of valuable business assets (e-books and videos), the most likely actor is a competitor motivated by financial or market advantage, not ideology or random hacking.

An APT (A) is usually nation-state-sponsored and targets critical infrastructure. A novice hacker (B) might deface or cause damage but is less likely focused on IP theft. Hacktivists (D) are politically motivated, not financially.

Reference Extract from Study Guide:

"Competitors may engage in cyber espionage to steal intellectual property and gain market advantage, representing a significant threat to business assets."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Threat Actor Categories

The correct answer is D — Weak passwords.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), unauthorized SSH access from an unknown IP address often suggests that the attacker exploited weak or compromised passwords to gain access. Weak passwords are a common vulnerability for services exposed to the internet, especially SSH servers.

Exfiltration (A) refers to data theft after access, not initial unauthorized access. Unpatched software (B) might lead to other vulnerabilities but is not indicated here. Enumeration (C) is gathering information but not gaining login access directly.

Reference Extract from Study Guide:

"Weak or compromised passwords are a primary cause of unauthorized access, particularly for remote management interfaces such as SSH."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Authentication Security BestPractices

=============================================

Packet sniffing is a technique used to capture and analyze network traffic, which can include intercepting passwords while they are in transit.

When data packets are transmitted over a network, a packet sniffer can capture these packets, and if they are not encrypted, it can read sensitive information like passwords.

The other options:

Buffer overflow is a type of attack that exploits a program's memory handling.

Phishing is a social engineering attack to deceive users into providing sensitive information.

Black hat refers to a hacker with malicious intent, not a specific technique.

Therefore, packet sniffing is the correct technique for obtaining passwords in transit.