Exam (elaborations)

Wgu C726 Cybersecurity Architecture and Engineering latest Upload Exam 2026

Rating: -
Sold: -
Pages: 13
Grade: A+
Uploaded on: 22-03-2026
Written in: 2025/2026

Cybersecurity architecture
is about how to weave together the various security mechanisms and capabilities into a coherent whole that is effective in thwarting adversaries from accomplishing their strategic attack goals. Architecture requires effective building blocks as discussed up to this point in the course, and, just as importantly, how to place and connect those building blocks in the proper manner using design principles.

Murphy's Law
Prevent failures before they occur
Detect failures when they occur
Recover from failures when they are detected
Tolerate failures until the system recovers

Design Flaws
The return on investment of eliminating faults early in the development process is significant. It is up to 100 times more expensive to fix faults discovered in the maintenance phase than in the design phase.
A security flaw fixed in the design phase means the flaw was caught at the beginning of the process.
Security flaws fixed in the implementation stage cost 6.5 times what they would cost if caught in the design phase.
Security flaws fixed in the testing phase cost 15 times what they cost in the design phase.

margin of safety (minimum acceptable risk)
A margin of safety calls for engineering systems to meet requirements beyond those required by the existing specifications. This margin of safety can be as high as three times if the three factors discussed previously warrant it and the stakes of failure are sufficiently high.

minimum requirements:
User behavior
Unforeseen circumstances
Uncertainty

Modularity
is the design principle that calls for the aggregation of similar functions into a programming entity with
Clear control boundaries
Private data structures
Well-defined interfaces

Abstraction
is a similar concept to modularity.
Abstraction is about dealing with system complexity by hiding details so that all complexities and all possible interactions do not have to be considered at once.

Scalability
analysis should be done regarding both the deployment and operation of any system (from both a user and a system operator perspective)—particularly for cybersecurity systems. One key to understanding scalability is understanding complexity.

complexity
There are two types of complexity: time and space.
Time complexity refers to how much time a task will take.
Space complexity refers to how much memory a task will take. Time complexity is the focus of the remainder of this section. Space complexity is parallel in structure and is therefore omitted for brevity.

Recursion
is a programming technique that implements a divide and conquer approach to solving complex problems. It allows a function to call itself and suspend processing until the call is answered by successively simpler versions of the problem.

Transitive trust
is the concept that if A trusts B and B trusts C, then A inherits trust of C through the transitive property, which works like it would in a mathematical equation: if a = b, and b = c, then a = c.

closed system
is designed to work well with a narrow range of other systems, generally all from the same manufacturer. The standards for closed systems are often proprietary and not normally disclosed.

Open systems
are designed using agreed-upon industry standards. Open systems are much easier to integrate with systems from different manufacturers that support the same standards.

security model
provides a way for designers to map abstract statements into a security policy that prescribes the algorithms and data structures necessary to build hardware and software.

confinement
allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing.
The operating system, or some other security component, disallows illegal read/write requests. If a process attempts to initiate an action beyond its granted authority, that action will be denied.

Isolation
is used to protect the operating environment, the kernel of the operating system (OS), and other independent applications. Isolation is an essential component of a stable operating system. Isolation is what prevents an application from accessing the memory or resources of another application, whether for good or ill.

trusted system
is one in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable and secure computing environment.

Assurance
is simply defined as the degree of confidence in satisfaction of security needs. Assurance must be continually maintained, updated, and reverified.

security token
is a separate object that is associated with a resource and describes its security attributes.

capabilities list
maintains a row of security attributes for each controlled object.

security label
is generally a permanent part of the object to which it's attached. Once a security label is set, it usually cannot be altered. This permanence provides another safeguard against tampering that neither tokens nor capabilities lists provide.

trusted computing base (TCB)
is a combination of hardware, software, and controls that work together to form a trusted base to enforce your security policy.

finite state machine (FSM)
combines an external input with an internal machine state to model all kinds of complex systems, including parsers, decoders, and interpreters. Given an input and a state, an FSM transitions to another state and may create an output. Mathematically, the next state is a function of the current state and the input; that is, the next state = F(input, current state).
Likewise, the output is also a function of the input and the current state; that is, the output = F(input, current state).

information flow model
focuses on the flow of information. Information flow models are based on a state machine model. Information flow models are designed to prevent unauthorized, insecure, or restricted information flow, often between different levels of security (these are often referred to as multilevel models).

noninterference model
is loosely based on the information flow model. However, instead of being concerned about the flow of information, the noninterference model is concerned with how the actions of a subject at a higher security level affect the system state or the actions of a subject at a lower security level. Basically, the actions of subject A (high) should not affect the actions of subject B (low) or even be noticed by subject B. The real concern is to prevent the actions of subject A at a high level of security classification from affecting the system state at a lower level. If this occurs, subject B may be placed into an insecure state or be able to deduce or infer information about a higher level of classification. This is a type of information leakage and implicitly creates a covert channel. Thus, the noninterference model can be imposed to provide a form of protection against damage caused by malicious programs such as Trojan horses.

Composition Theories
Cascading: Input for one system comes from the output of another system.
Feedback: One system provides input to another system, which reciprocates by reversing those roles (so that system A first provides input for system B and then system B provides input to system A).
Hookup: One system sends input to another system but also sends input to external entities.

Take-Grant model
employs a directed graph (Figure 8.2) to dictate how rights can be passed from one subject to another or from a subject to an object.
Simply put, a subject with the grant right can grant another subject or another object any other right they possess. Likewise, a subject with the take right can take a right from another subject.
Take rule: Allows a subject to take rights over an object
Grant rule: Allows a subject to grant rights to an object
Create rule: Allows a subject to create new rights
Remove rule: Allows a subject to remove rights it has

access control matrix
a table of subjects and objects that indicates the actions or functions that each subject can perform on each object. Each column of the matrix is an access control list (ACL). Each row of the matrix is a capabilities list. An ACL is tied to the object; it lists valid actions each subject can perform.

Bell-LaPadula model
multilevel model was derived from the DoD's multilevel security policies. The classifications the DoD uses are numerous; however, discussions of classifications within the CISSP Common Body of Knowledge (CBK) are usually limited to unclassified, sensitive but unclassified, confidential, secret, and top secret. The multilevel security policy states that a subject with any level of clearance can access resources at or below its clearance level. This model is built on a state machine concept and the information flow model. It also employs mandatory access controls and the lattice concept.

Biba Model
was designed after the Bell-LaPadula model. Where the Bell-LaPadula model addresses confidentiality, the Biba model addresses integrity. The Biba model is also built on a state machine concept, is based on information flow, and is a multilevel model. In fact, Biba appears to be pretty similar to the Bell-LaPadula model, except inverted. Both use states and transitions. Both have basic properties. The biggest difference is their primary focus: Biba primarily protects data integrity. Biba was designed to address three integrity issues:
Prevent modification of objects by unauthorized subjects.
Prevent unauthorized modification of objects by authorized subjects.
Protect internal and external object consistency.

Clark-Wilson Model
The Clark-Wilson model does not require the use of a lattice structure; rather, it uses a three-part relationship of subject/program/object (or subject/transaction/object) known as a triple or an access control triple. Subjects do not have direct access to objects. Objects can be accessed only through programs. Through the use of two principles—well-formed transactions and separation of duties—the Clark-Wilson model provides an effective means to protect integrity.

Brewer and Nash Model (aka Chinese Wall)
created to permit access controls to change dynamically based on a user's previous activity (making it a kind of state machine model as well). This model applies to a single integrated database; it seeks to create security domains that are sensitive to the notion of conflict of interest (for example, someone who works at Company C who has access to proprietary data for Company A should not also be allowed access to similar data for Company B if those two companies compete with each other). This model is known as the Chinese Wall model because it creates a class of data that defines which security domains are potentially in conflict and prevents any subject with access to one domain that belongs to a specific conflict class from accessing any other domain that belongs to the same conflict class.

Sutherland model
is an integrity model. It focuses on preventing interference in support of integrity. It is formally based on the state machine model and the information flow model. However, it does not directly indicate specific mechanisms for protection of integrity. Instead, the model is based on the idea of defining a set of system states, initial states, and state transitions. Through the use of only these predetermined secure states, integrity is maintained and interference is prohibited.

Graham-Denning model
is focused on the secure creation and deletion of both subjects and objects. Graham-Denning is a collection of eight primary protection rules or actions that define the boundaries of certain secure actions:
Securely create an object.
Securely create a subject.
Securely delete an object.
Securely delete a subject.
Securely provide the read access right.
Securely provide the grant access right.
Securely provide the delete access right.
Securely provide the transfer access right.

TCSEC Classes and Required Functionality
Category A: Verified protection. The highest level of security.
Category B: Mandatory protection.
Category C: Discretionary protection.
Category D: Minimal protection. Reserved for systems that have been evaluated but do not meet requirements to belong to any other category.

Red Book
Because the Orange Book applies only to stand-alone computers not attached to a network, and so many systems were used on networks (even in the 1980s), the Red Book was developed to interpret the TCSEC in a networking context. In fact, the official title of the Red Book is Trusted Network Interpretation of the TCSEC, so it could be considered an interpretation of the Orange Book with a bent on networking. Quickly the Red Book became more relevant and important to system buyers and builders than the Orange Book.

Green Book
The Green Book, or the Department of Defense Password Management Guidelines, provides password creation and management guidelines; it's important for those who configure and manage trusted systems.

rainbow series

Differences between TCSEC and ITSEC
Although the TCSEC concentrates almost exclusively on confidentiality, ITSEC addresses concerns about the loss of integrity and availability in addition to confidentiality, thereby covering all three elements so important to maintaining complete information security.
ITSEC does not rely on the notion of a TCB, and it doesn't require that a system's security components be isolated within a TCB.
Unlike TCSEC, which required any changed systems to be reevaluated anew—be it for operating system upgrades, patches, or fixes; application upgrades or changes; and so forth—ITSEC includes coverage for maintaining targets of evaluation after such changes occur without requiring a new formal evaluation.

Common Criteria (CC)
represents a more or less global effort that involves everybody who worked on TCSEC and ITSEC as well as other global players. Ultimately, it results in the ability to purchase CC-evaluated products (where CC, of course, stands for Common Criteria). The Common Criteria defines various levels of testing and confirmation of systems' security capabilities, and the number of the level indicates what kind of testing and confirmation has been performed. Nevertheless, it's wise to observe that even the highest CC ratings do not equate to a guarantee that such systems are completely secure or that they are entirely devoid of vulnerabilities or susceptibilities to exploit. The Common Criteria was designed as a product evaluation model.

EALs 1 through 7
EAL1: Functionally tested
Applies when some confidence in correct operation is required but where threats to security are not serious. This is of value when independent assurance that due care has been exercised in protecting personal information is necessary.
EAL2: Structurally tested
Applies when delivery of design information and test results are in keeping with good commercial practices. This is of value when developers or users require low to moderate levels of independently assured security. It is especially relevant when evaluating legacy systems.
EAL3: Methodically tested and checked
Applies when security engineering begins at the design stage and is carried through without substantial subsequent alteration. This is of value when developers or users require a moderate level of independently assured security, including thorough investigation of TOE and its development.
EAL4: Methodically designed, tested, and reviewed
Applies when rigorous, positive security engineering and good commercial development practices are used. This does not require substantial specialist knowledge, skills, or resources. It involves independent testing of all TOE security functions.
EAL5: Semi-formally designed and tested
Uses rigorous security engineering and commercial development practices, including specialist security engineering techniques, for semi-formal testing. This applies when developers or users require a high level of independently assured security in a planned development approach, followed by rigorous development.
EAL6: Semi-formally verified, designed, and tested
Uses direct, rigorous security engineering techniques at all phases of design, development, and testing to produce a premium TOE. This applies when TOEs for high risk situations are needed, where the value of protected assets justifies additional cost. Extensive testing reduces risks of penetration, probability of covert channels, and vulnerability to attack.
EAL7: Formally verified, designed, and tested
Used only for highest risk situations or where high-value assets are involved. This is limited to TOEs where tightly focused security functionality is subject to extensive formal analysis and testing.

Name at least seven security models.
Security models include state machine, information flow, noninterference, Take-Grant, access control matrix, Bell-LaPadula, Biba, Clark-Wilson, Brewer and Nash (aka Chinese Wall), Goguen-Meseguer, Sutherland, and Graham-Denning.

Describe the primary components of TCB.
The primary components of the trusted computing base (TCB) are the hardware and software elements used to enforce the security policy (these elements are called the TCB), the security perimeter distinguishing and separating TCB components from non-TCB components, and the reference monitor that serves as an access control device across the security perimeter.

What are the two primary rules or principles of the Bell-LaPadula security model? Also, what are the two rules of Biba?
The two primary rules of Bell-LaPadula are the simple rule of no read-up and the star rule of no write-down. The two rules of Biba are the simple rule of no read-down and the star rule of no write-up.

What is the difference between open and closed systems and open and closed source?
An open system is one with published APIs that allow third parties to develop products to interact with it. A closed system is one that is proprietary with no third-party product support. Open source is a coding stance that allows others to view the source code of a program. Closed source is an opposing coding stance that keeps source code confidential.

execution of an attack
Find a point in target system to which attacker has access.
Attack the access point to gain a toehold.
Escalate privilege from toehold to gain broader access.
Use broader access to find target subsystems.
Attack from access point to target systems.
Attack target systems.
Assess effectiveness of attack.
Iterate and extend attack as needed.

confidentiality value
The four types of secrets are as follows and will be explained further in subsequent sections.
Acquired-knowledge secrets: Those gained through processes such as research and development—are expensive to gain; losing them is irreversible and costly, and detecting their loss is useful, but not critical.
Planning secrets: Those created through the planning processes in a competitive environment—are high value to prevent loss, but even higher value to detect because not knowing that the competitor knows one's secret could be lethal to an organization.
Stolen secrets: Those acquired from a competing or opposing organization—are often moderately important to keep secret (depending on the type of stolen secret) and moderately important to detect that the secret was stolen.
Means-of-stealing-secrets secrets: Secrets that are typically the most highly valued secrets, and detecting their loss is high priority because of the damage an adversary can do by feeding deceiving information into compromised sources or channels of communication.

six phases in the life cycle of authentication
Entity identification: a registration process that generally happens outside of the technological system for person entities. A person provides physical proof, such as a driver's license, to prove to a system registrar that they are who they claim to be.
Identity certification: three types of unique identifying schema: something you know, something you have, and something you are.
Identity resolution: Once identity certification is complete, identity resolution is performed. This step simply refers to the process of getting the unique data and devices set up and conferred to the person in such a way as to maintain the assumptions about uniqueness.
Identity assertion & Identity proving: Phases 4 and 5 of authentication represent the operational-use phase, which is most properly termed authentication. One entity asserts its identity to another entity. If there is little at stake, such as providing the time of day service, the entity to whom the original entity was asserting its identity may choose to just trust the assertion.
Identity decertification: the final phase of authentication and the primary process within the management grouping.
Identity decertification is the process of removing a registered identity from the system, typically because the person has left an organization or their identity was somehow compromised.

the message meaning rule
states that if A sees a message encrypted under K, and K is a good key for communicating with B, then he will believe that the message was once said by B. (We assume that each principal can recognize and ignore his or her own messages.) Formally,

the nonce-verification rule
states that if a principal once said a message, and the message is fresh, then that principal still believes it. Formally,
$$\frac{A \mid\equiv \sharp X,\quad A \mid\equiv B \mid\sim X}{A \mid\equiv B \mid\equiv X}$$

the jurisdiction rule
states that if a principal believes something, and is an authority on the matter, then he or she should be believed. Formally, we write that
$$\frac{A \mid\equiv B \mid\Rightarrow X,\quad A \mid\equiv B \mid\equiv X}{A \mid\equiv X}$$

teams with their roles in penetration testing IT resources
Red team: Simulates adversary
Blue team: Simulates defense team
White team: Referees in exercise to ensure compliance with rules
Purple team: Limited collaboration of a joint red an

Institution
WGU D488 Cybersecurity Architecture
Course
WGU D488 Cybersecurity Architecture

Contains
Questions & answers

Subjects

  • wgu c726