Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Cybersecurity Architecture and Engineering (KFO1/D488)

The correct answer is C — Encrypting data.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) states that encryption is the best defense against man-in-the-middle attacks because even if traffic is intercepted, the data remains unreadable without the appropriate decryption keys.

Disabling Wi-Fi (A) is not practical and does not eliminate MITM threats entirely. Password policies (B and D) strengthen account security but do not protect data transmission.

Reference Extract from Study Guide:

"Encryption ensures the confidentiality of data in transit, preventing unauthorized parties from accessing the content even during man-in-the-middle attacks."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Data Transmission Security

=============================================

The correct answer is C — Encryption.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) clearly states that encryption protects the confidentiality of transmitted information. In the case of SNMP (especially older versions like SNMPv1 and SNMPv2), communications are unencrypted, making encryption critical to protecting network management information from unauthorized disclosure.

Access controls (A) restrict who can access systems but do not encrypt data. Network segmentation (B) separates systems but does not encrypt traffic. Security monitoring (D) detects threats but does not protect data confidentiality.

Reference Extract from Study Guide:

"Encryption safeguards sensitive data transmitted over the network, ensuring confidentiality in compliance with privacy regulations such as HIPAA."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Network Security and Data Protection

Parallel conversion is a system deployment method where the new system is implemented and runs alongside the old system for a period of time. This method allows for:

Comparison of outputs: Ensuring that the new system produces the same or better results as the old system.

Risk reduction: If there are issues with the new system, the old system can still be used without interrupting business operations.

User adaptation: Users can get accustomed to the new system while still having access to the familiar old system.

Parallel conversion is often used to minimize the risk associated with deploying a new system.

References

Harold Kerzner, "Project Management: A Systems Approach to Planning, Scheduling, and Controlling," Wiley.

Kathy Schwalbe, "Information Technology Project Management," Cengage Learning.

The correct answer is B — Access logs.

As outlined in the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, access logs record who accessed which system components, when they did so, and what changes they made. These logs are vital for creating an audit trail that can be reviewed to detect unauthorized changes to applications or systems.

NetFlow logs (A) track network traffic flows but not system or application changes. Packet capture logs (C) deal with network data but are not specialized for auditing application-level events. Router logs (D) capture network device activity, not application access information.

Reference Extract from Study Guide:

"Access logs maintain detailed records of user actions within systems and applications, providing the necessary audit trail for tracking authorized and unauthorized activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Log Management Concepts

=============================================

Step by Step Comprehensive Detailed Explanation

A compiler is a program that translates source code written in a high-level programming language into machine code.

Definition: A compiler processes the entire source code of a program and translates it into a machine code executable.

Functionality: This process is typically done in several stages, including lexical analysis, syntax analysis, semantic analysis, optimization, and code generation.

Output: The result is an executable file that can be run on a specific operating system.

References

"Compilers: Principles, Techniques, and Tools" by Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman

NISTIR 7860, "C++ Coding Standards"

The correct answer is D — Private information retrieval (PIR).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that PIR allows users to query a database in such a way that the server cannot determine what information the user is retrieving. It protects user privacy while enabling database interaction.

SFE (A) involves computing a function without revealing inputs. PFE (B) is similar to SFE but focuses on functions. Homomorphic encryption (C) allows computation but not necessarily private querying.

Reference Extract from Study Guide:

"Private Information Retrieval (PIR) enables users to access database information without revealing the nature of the query to the server, preserving user privacy."

The correct answer is D — BIOS protection.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) recommends enabling BIOS protection features such as BIOS passwords, secure boot, and firmware write protection to prevent unauthorized changes to BIOS firmware. BIOS protection locks the firmware settings to prevent tampering.

BIOS monitoring (A) detects changes but does not prevent them. IDS (B) detects network attacks, not firmware changes. Backups (C) protect data but not BIOS integrity.

Reference Extract from Study Guide:

"BIOS protection involves securing firmware with authentication methods and write protections to prevent unauthorized modifications at the hardware level."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Hardware and Firmware Security

=============================================

The correct answer is C — Replacing the legacy firewalls with next-generation firewalls (NGFWs).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) outlines that NGFWs integrate advanced features like intrusion detection and prevention, application control, and real-time threat intelligence. They are designed to detect and alert on inbound threats as required by the mandate.

SIEM appliances (A) collect logs and correlate events but do not replace firewall functionality. Load balancers (B) manage traffic distribution, not threat detection. Reverse proxies (D) secure and balance traffic for web servers, not general firewall traffic.

Reference Extract from Study Guide:

"Next-generation firewalls (NGFWs) provide integrated intrusion detection and prevention capabilities, fulfilling modern security requirements for real-time threat monitoring and alerting."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Firewall Technologies and Modern Security Controls