Engineering (2025/2026) | Complete Study Guide
with Verified Questions & Accurate Answers
1. What is the term used to describe the assessment of whether a vendor will
remain in business?
Vendor viability
Source code escrow
Vendor lock-in
Vendor lockout
2. Devon is using an IaaS environment and would like to provision storage that
will be used as a disk attached to a server instance. What type of storage
should he use?
Archival storage
Object storage
Block storage
Database storage
3. If a company is implementing a new security policy that requires only
approved applications to run on employee workstations, which security
measure should they implement?
Block list
Immutable system
Allow list
Antivirus software
4. Bob has a key employee in a critical IT position. He is worried about the
possibility of the employee committing undetected fraud. Which of the
following is the best personnel security control he can implement to
control this?
Mandatory vacation
Need-to-know
Separation of duties
Least privilege
5. Describe how an allow list differs from a block list in terms of system
security.
An allow list is used for detecting malware, whereas a block list is for
system configuration.
An allow list is unchangeable, while a block list can be modified at
any time.
An allow list is a type of antivirus, while a block list is a method of
system auditing.
An allow list specifies which programs are permitted to run, while
a block list specifies which programs are not allowed.
6. A security architect is reviewing password compliance within the
organization. Which NIST standard can the security architect refer to for
password compliance?
NIST 800-84
NIST 800-53
NIST 800-207
NIST 800-63
7. If a company experiences a data breach due to a compromised key and
lacks a key rotation policy, what immediate action should they take to
mitigate the risk?
Increase the number of keys
Implement a key rotation policy
Ignore the breach
Store keys in a public repository
8. If a company experiences repeated attacks from a specific IP address, what
action should be taken using firewall rules?
Block the specific IP address
Ignore the IP address as it may not be a threat
Allow the IP address to access the network
Increase bandwidth to accommodate more traffic
9. If a military unit needs to establish a data center quickly in a foreign country
with minimal setup and flexibility, which type of site should they choose and
why?
Cold site, because it is the least expensive option available.
Hot site, because it ensures no service disruption during operations.
Mobile site, because it offers flexibility and is designed for quick
deployment.
Warm site, because it provides a balance between cost and
operational capability.