WGU D488 Exam (Two Different Exams) | Cybersecurity Architecture & Engineering Exam | Complete Questions and Correct Answers | Graded A+ | 2026 Versions

WGU D488 Exam (Two Different Exams) | Cybersecurity
Architecture & Engineering Exam | Complete Questions
and Correct Answers | Graded A+ | 2026 Versions

WGU D488 Exam (1st Version)


Which type of security should a business use on its layer 2 switch to isolate the
finance network from other departmental networks?
A - Virtual Private Network (VPN)
B - Internet Protocol Security (IPSec)
C - Virtual Local Area Network (VLAN)
D - Remotely Triggered Black Hole (RTBH) ---------CORRECT ANSWER-----------------C
- Virtual Local Area Network (VLAN)


VLANs allow companies to logically segment network traffic, ensuring devices
on different VLANs cannot communicate unless otherwise specified in a layer 3
device like a router.




Which type of software testing should be used when there has been a change
within the existing environment?
A - Regression Testing
B - Penetration Testing
C - Requirements Testing
D - Release Testing ---------CORRECT ANSWER-----------------A - Regression Testing

,Regression testing ensures that recent changes within the environment have
not introduced new defects or broken existing functionality.




Which security technique should be used to detect a weak password that may
match common dictionary words?
A - Password Spraying
B - Password Auditing
C - Password Guessing
D - Password History ---------CORRECT ANSWER-----------------B - Password Auditing


Password auditing allows for existing passwords to be compared against known
weak passwords to help determine the security of a credential.




What should an organization implement if it wants users of their site to provide a
password, memorable word, and pin?
A - Multi-factor authentication (MFA)
B - Two-factor authentication (2FA)
C - Two-step verification
D - Single-factor authentication ---------CORRECT ANSWER-----------------A - Multi-
factor authentication


MFA enhances security by requiring multiple forms of authentication, therefore
reducing the risk of unauthorized access.

,A network technician is asked by their manager to update security to block
several known bad actor IP addresses.
A - Signature rules
B - Firewall rules
C - Behavior rules
D - Data loss prevention (DLP) rules ---------CORRECT ANSWER-----------------B -
Firewall rules


Firewall rules can be set up to deny traffic coming from known malicious IP
addresses.




On a shopping website, there is a 500-millisecond delay when the authorized
payment button is selected for purchases. Attackers have been running a script to
alter the final payment that takes 200 milliseconds. Which vulnerability on the
website is being targeted by the attackers?
A - Buffer Overflow
B - Integer Overflow
C - Broken Authentication
D - Race Condition ---------CORRECT ANSWER-----------------D - Race Condition


A race condition occurs when multiple processes or actions are executed
simultaneously, and the outcome depends on the sequence or timing of events.

, A company wants to provide laptops to its employees so they can work remotely.
What should be implemented to ensure only work applications can be installed on
company laptops?
A - Containerization
B - Token-based access
C - Patch repository
D - Whitelisting ---------CORRECT ANSWER-----------------D - Whitelisting


Whitelisting ensures that only approved applications can be installed and
executed on company laptops.




What should a business use to provide non-repudiation for emails between
employees?
A - TLS/SSL
B - AES-256
C - S/MIME
D - IPSec ---------CORRECT ANSWER-----------------C - S/MIME (Secure/Multipurpose
Internet Mail Extensions)


S/MIME provides non-repudiation for emails by using digital signatures.




Which strategy is appropriate for a risk management team to determine if a
business has insufficient security controls?