WGU D488 Objective Assessment 2025 Test Bank 1 with 360 Actual Exam Questions and Correct Answers / D488 OA Prep Test Bank 1
The security team has noticed that several endpoints on the network have been
infected with malware. Leadership has tasked the security team with identifying
these attacks in the future.
Which solution will notify the team automatically in the event of future malware
variants invading the network?
A) Security information and event management (SIEM) alerts
B) Data loss prevention (DLP) alerts
C) Antivirus alerts
D) Syslog alerts
C) Antivirus alerts
The cybersecurity analyst at a software company conducted a vulnerability
assessment to identify potential security risks to the organization and discovered
multiple vulnerabilities on the company's webpage. The analyst then provided the
results to the chief information security officer (CISO), who then decided not to fix
the discrepancies due to the vulnerabilities being outside of the organization's
resources.
Which risk mitigation strategy is demonstrated in this scenario?
A) Accept
B) Mitigate
C) Avoid
D) Transfer
A) Accept
A security team has been tasked with mitigating the risk of stolen credentials after
a recent breach. The solution must isolate the use of privileged accounts. In the
future, administrators must request access to mission-critical services before they
can perform their tasks.
What is the best solution?
A) Identity and access management (IAM)
B) Password policies
C) Privileged access management (PAM)
D) Password complexity
C) Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The
security team has been tasked with hardening the access controls for a corporate
web application that was recently migrated. End users should be granted access to
different features based on their locations and departments.
Which access control solution should be implemented?
A) Kerberos
B) Mandatory access control (MAC)
C) Attribute-based access control (ABAC)
D) Privileged access management (PAM)
C) Attribute-based access control (ABAC)
A team of developers is building a new corporate web application. The security
team has stated that the application must authenticate users through two separate
channels of communication.
Which type of authentication method should the developers include when building
the application?
A) In-band authentication
B) Kerberos
C) Out-of-band authentication
D) Challenge-Handshake Authentication Protocol (CHAP)
C) Out-of-band authentication
An IT organization is implementing a hybrid cloud deployment. Users should be
able to sign in to all corporate resources using their email addresses as their
usernames, regardless of whether they are accessing an application on-premises or
in the cloud.
Which solution meets this requirement?
A) JSON Web Token (JWT)
B) Trusted Platform Module (TPM)
C) Single sign-on (SSO)
D) Internet Protocol Security (IPsec)
C) Single sign-on (SSO)
The security team has been tasked with implementing a secure authorization
protocol for its web applications.
Which of the following protocols provides the best method for securely
authenticating users and granting access?
A) Simple network management protocol (SNMP)
B) Extensible Authentication Protocol (EAP)
C) Open Authentication (OAuth)
D) Secure Sockets Layer (SSL)
C) Open Authentication (OAuth)
An IT team is preparing the network for a hybrid cloud deployment. A security
analyst recently discovered that the firmware of a router in the core data center has
been compromised. According to the analyst, the attack occurred over a year ago
without being detected.
Which type of threat actor is the most likely cause of the attack?
A) Competitor
B) Hacktivist
C) Advanced persistent threat
D) Novice hacker
C) Advanced persistent threat
The security operations center (SOC) team just received a notification that multiple
vulnerabilities are present in the codebase of a corporate application.
Which threat type is most likely in this scenario?
A) Advanced persistent threat
B) Insider threat
C) Supply chain
D) Organized crime
C) Supply chain
The security operations center (SOC) team for a global company is planning an
initiative to defend against security breaches. Leadership wants the team to
monitor for threats against the organization's data, credentials, and brand reputation
by scanning networks that cannot be accessed via search engines.
Which type of network should be scanned based on the requirements?
A) Wireless fidelity
B) Intranet
C) Deep web
D) Supervisory control and data acquisition
C) Deep web
An electric power and water utility company has recently added a cybersecurity
division. The security operations center (SOC) team has been tasked with
leveraging an investigative framework that can accurately assess the motives,
means, and opportunities associated with common security attacks.
Which framework should be implemented?
A) National Institute of Standards and Technology (NIST)
B) Diamond Model of Intrusion Analysis
C) Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for
industrial control systems (ICS)
D) Cyber kill chain