QUESTIONS AND CORRECT VERIFIED ANSWERS (100%
CORRECT ANSWERS) GRADED A+ / D488
CYBERSECURITY ARCHITECTURE AND ENGINEERING
OA TEST BANK 4 (BRAND NEW!)
A healthcare company needs to ensure that medical researchers cannot
inadvertently share protected health information (PHI) data from medical records.
What is the best solution?
A) Encryption
B) Metadata
C) Anonymization
D) Obfuscation
C) Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after
a recent breach. The solution must isolate the use of privileged accounts. In the
future, administrators must request access to mission-critical services before they
can perform their tasks.
What is the best solution?
A) Identity and access management (IAM)
B) Password policies
C) Privileged access management (PAM)
D) Password complexity
C) Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The
security team has been tasked with hardening the access controls for a corporate
web application that was recently migrated. End users should be granted access to
different features based on their locations and departments.
Which access control solution should be implemented?
A) Kerberos
B) Mandatory access control (MAC)
C) Attribute-based access control (ABAC)
D) Privileged access management (PAM)
C) Attribute-based access control (ABAC)
A team of developers is building a new corporate web application. The security
team has stated that the application must authenticate users through two separate
channels of communication.
Which type of authentication method should the developers include when building
the application?
A) In-band authentication
B) Kerberos
C) Out-of-band authentication
D) Challenge-Handshake Authentication Protocol (CHAP)
C) Out-of-band authentication
An IT organization is implementing a hybrid cloud deployment. Users should be
able to sign in to all corporate resources using their email addresses as their
usernames, regardless of whether they are accessing an application on-premises or
in the cloud.
Which solution meets this requirement?
A) JSON Web Token (JWT)
B) Trusted Platform Module (TPM)
C) Single sign-on (SSO)
D) Internet Protocol Security (IPsec)
C) Single sign-on (SSO)
The security team has been tasked with implementing a secure authorization
protocol for its web applications.
Which of the following protocols provides the best method for securely
authenticating users and granting access?
A) Simple network management protocol (SNMP)
B) Extensible Authentication Protocol (EAP)
C) Open Authentication (OAuth)
D) Secure Sockets Layer (SSL)
C) Open Authentication (OAuth)
The security team recently enabled public access to a web application hosted on a
server inside the corporate network. The developers of the application report that
the server has received several structured query language (SQL) injection attacks
in the past several days. The team needs to deploy a solution that will block the
SQL injection attacks.
Which solution fulfills these requirements?
A) Virtual private network (VPN)
B) Security information and event management (SIEM)
C) Web application firewall (WAF)
D) Secure Socket Shell (SSH)
C) Web application firewall (WAF)
An IT security team has been notified that external contractors are using their
personal laptops to gain access to the corporate network. The team needs to
recommend a solution that will prevent unapproved devices from accessing the
network.
Which solution fulfills these requirements?
A) Implementing a demilitarized zone (DMZ)
B) Installing a hardware security module
C) Implementing port security
D) Deploying a software firewall
C) Implementing port security
A security team has been tasked with performing regular vulnerability scans for a
cloud-based infrastructure.
How should these vulnerability scans be conducted when implementing zero trust
security?
A) Manually
B) Annually
C) Automatically
D) As needed
C) Automatically
An IT team is preparing the network for a hybrid cloud deployment. A security
analyst recently discovered that the firmware of a router in the core data center has