Cybersecurity-Architecture-and-Engineering Exam Dumps - WGU Cybersecurity Architecture and Engineering (KFO1/D488)

The correct answer is A — Implementation of real-time transaction monitoring.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), real-time transaction monitoring detects and alerts suspicious banking activities immediately, helping prevent credit card fraud and securing the online banking system during deployment and use.

Strict firewall policies (B) help secure access but are not transaction-specific. Disabling email (C) and performing backups (D) are good practices but do not directly address fraud prevention.

Reference Extract from Study Guide:

"Real-time transaction monitoring identifies suspicious activities, providing immediate detection and prevention of fraudulent transactions in online banking systems."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Financial Systems and Fraud Prevention Strategies

=============================================

A database driver is a software component that enables communication between an application and a database.

Function: It acts as a bridge, allowing applications to send queries to the database and retrieve results.

Types: Common database drivers include ODBC (Open Database Connectivity) and JDBC (Java Database Connectivity).

References

"Database System Concepts" by Abraham Silberschatz, Henry F. Korth, and S. Sudarshan

"Data Management for Researchers" by Kristin Briney

Top of Form

It is better to purchase software rather than build a software solution in-house when there is a short timeline. Building software from scratch requires significant time for development, testing, and deployment. Purchasing off-the-shelf software can significantly reduce the time needed to implement a solution. Other considerations include:

Cost-effectiveness: Pre-built software can be more cost-effective than developing a custom solution, especially when factoring in the costs of development, maintenance, and support.

Immediate availability: Purchased software is usually ready to deploy immediately, whereas custom development can take months or even years.

Proven reliability: Commercial software often has a track record of reliability and user support, reducing the risk of bugs and issues that may arise with custom development.

Therefore, when time is of the essence, purchasing software is the preferable option.

References

Ian Sommerville, "Software Engineering," Pearson.

Steve McConnell, "Rapid Development: Taming Wild Software Schedules," Microsoft Press.

When an organization decides to expand its business by selling products online, the IT department needs to ensure that the website is equipped to handle e-commerce transactions. This involves:

Setting up a secure online payment system: Ensuring that payment gateways and encryption methods are in place to protect sensitive customer data.

Scalability: Making sure the website infrastructure can handle increased traffic and transaction volumes without compromising performance.

Integration: Ensuring the e-commerce platform is integrated with the organization's existing systems, such as inventory management, order fulfillment, and customer relationship management (CRM) systems.

Compliance: Adhering to regulatory requirements and industry standards for online transactions, such as PCI DSS compliance for payment processing.

Therefore, making sure the website can handle e-commerce transactions is crucial for a successful online business expansion.

References

Efraim Turban, Judy Whiteside, David King, and Jon Outland, "Introduction to Electronic Commerce and Social Commerce," Springer.

Laudon, K.C. and Traver, C.G., "E-commerce 2020-2021: Business, Technology, Society," Pearson.

The IT role responsible for the installation and maintenance of hardware and software that make up a computer network is the Network Administrator. Their responsibilities include:

Network installation: Setting up and configuring network hardware, such as routers, switches, firewalls, and servers.

Network maintenance: Ensuring the network operates smoothly, performing regular updates, and troubleshooting issues.

Security management: Implementing security measures to protect the network from unauthorized access, attacks, and breaches.

Performance monitoring: Monitoring network performance and making necessary adjustments to optimize speed and reliability.

Therefore, the Network Administrator is the correct role for these responsibilities.

References

William Stallings, "Data and Computer Communications," Pearson.

Andrew S. Tanenbaum and David J. Wetherall, "Computer Networks," Pearson.

The correct answer is D — Identity federation.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) details that identity federation enables users to authenticate using the same credentials across multiple systems and platforms, including hybrid cloud and on-premises environments. Federation facilitates Single Sign-On (SSO) and seamless authentication.

Two-step verification (A) improves authentication strength but does not federate identities. CHAP (B) is an old protocol for PPP connections. Privileged identity management (C) manages high-privilege accounts, not general user access across domains.

Reference Extract from Study Guide:

"Identity federation allows for seamless authentication across on-premises and cloud environments by trusting external identity providers, supporting Single Sign-On (SSO) and hybrid deployments."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Federation and Identity Management Concepts

The correct answer is A — Expiration.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), password expiration policies require users to change their passwords after a certain period, ensuring that long-term credential exposure risk is minimized.

Length (B) defines minimum password size. Recovery (C) relates to resetting forgotten passwords. Complexity (D) enforces character requirements, not age.

Reference Extract from Study Guide:

"Password expiration policies require users to update passwords regularly, minimizing the risk of long-term credential exposure."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Password Security Best Practices

=============================================

DNSSEC (Domain Name System Security Extensions)is a security protocol that adds cryptographic validation to DNS responses, making it nearly impossible for attackers to spoof DNS responses or redirect users to malicious sites.

NIST SP 800-81 Rev. 2 (Secure Domain Name System (DNS) Deployment Guide):

“DNSSEC provides data origin authentication and data integrity to DNS responses using digital signatures, effectively mitigating spoofing and cache poisoning attacks.”

While patching and awareness are important, DNSSECdirectly mitigatesthe technical risk described.

🔹WGU Course Alignment:

Domain:System Security Engineering

Topic:Implement DNS hardening techniques such as DNSSEC