D488 EXAM BANK: D488 - CYBERSECURITY
ARCHITECTURE AND ENGINEERING
COMPTIA ADVANCED SECURITY
PRACTITIONER (CASP+), 2025/2026 WITH
CORRECT/ACCURATE ANSWERS
Western Governors University's (WGU"Cybersecurity
Architecture and Engineering course
Secure Architecture and Design
Risk Management and Compliance
, Network and Infrastructure Security
Security Operations and Incident Response
The security team recently enabled public access to a web application hosted on a
server inside the corporate network. The developers of the application report that the
server has received several structured query language (SQL) injection attacks in the
past several days. The team needs to deploy a solution that will block the SQL
injection attacks.
Which solution fulfills these requirements?
A) Virtual private network (VPN)
B) Security information and event management (SIEM)
C) Web application firewall (WAF)
D) Secure Socket Shell (SSH)
C) Web application firewall (WAF) >>> A Web Application Firewall is specifically designed to:
Detect and block web-based attacks, such as
o SQL injection
o Cross-site scripting (XSS)
o Cross-site request forgery (CSRF)
o Command injection
Protect HTTP/HTTPS traffic
Apply rules that analyze application-layer requests
Filter malicious payloads before they reach the server
Because the server is facing SQL injection attacks, a WAF is the correct and most effective solution.
An IT security team has been notified that external contractors are using their
personal laptops to gain access to the corporate network. The team needs to
recommend a solution that will prevent unapproved devices from accessing the
network.
Which solution fulfills these requirements?
A) Implementing a demilitarized zone (DMZ)
B) Installing a hardware security module
,C) Implementing port security
D) Deploying a software firewall
C) Implementing port security >>> Port security (typically on switches) restricts which devices
can connect to the network by controlling access based on MAC addresses.
This prevents unauthorized or unapproved devices—such as personal laptops—from connecting to internal
network ports.
Port security can be configured to:
Allow only approved MAC addresses
Disable a port if an unknown device connects
Generate alerts on violations
Limit the number of devices per port
The chief technology officer for a small publishing company has been tasked with
improving the company's security posture. As part of a network upgrade, the company
has decided to implement intrusion detection, spam filtering, content filtering, and
antivirus controls. The project needs to be completed using the least amount of
infrastructure while meeting all requirements.
Which solution fulfills these requirements?
A) Deploying an anti-spam gateway
B) Deploying a proxy server
C) Deploying a unified threat management (UTM) appliance
D) Deploying a web application firewall (WAF)
C) Deploying a unified threat management (UTM) appliance >>>A UTM appliance is a
single hardware or software solution that combines multiple security functions into one device.
This approach is specifically designed to simplify security management and minimize the number
of individual pieces of equipment needed. The functions typically integrated into a UTM device
include:
Intrusion detection (IDS/IPS)
Spam filtering
Content filtering
Antivirus controls
, Firewall
VPN capabilities
By deploying a single UTM appliance, the company avoids the need to purchase, configure, and
manage separate devices for each of the required security functions.
The security team plans to deploy an intrusion detection system (IDS) solution to alert
engineers about inbound threats. The team already has a database of signatures that
they want the IDS solution to validate.
Which detection technique meets the requirements?
A) Intrusion detection
B) Deep packet inspection
C) Signature-based detection
D) Intrusion prevention
C) Signature-based detection
An IT organization had a security breach after deploying an update to its production
web servers. The application currently goes through a manual update process a few
times per year. The security team needs to recommend a failback option for future
deployments.
Which solution fulfills these requirements?
A) Implementing a code scanner
B) Implementing code signing
C) Implementing versioning
D) Implementing a security requirements traceability matrix (SRTM)
C) Implementing versioning
A software development team is working on a new mobile application that will be used
by customers. The security team must ensure that builds of the application will be
trusted by a variety of mobile devices.
Which solution fulfills these requirements?
A) Code scanning
ARCHITECTURE AND ENGINEERING
COMPTIA ADVANCED SECURITY
PRACTITIONER (CASP+), 2025/2026 WITH
CORRECT/ACCURATE ANSWERS
Western Governors University's (WGU"Cybersecurity
Architecture and Engineering course
Secure Architecture and Design
Risk Management and Compliance
, Network and Infrastructure Security
Security Operations and Incident Response
The security team recently enabled public access to a web application hosted on a
server inside the corporate network. The developers of the application report that the
server has received several structured query language (SQL) injection attacks in the
past several days. The team needs to deploy a solution that will block the SQL
injection attacks.
Which solution fulfills these requirements?
A) Virtual private network (VPN)
B) Security information and event management (SIEM)
C) Web application firewall (WAF)
D) Secure Socket Shell (SSH)
C) Web application firewall (WAF) >>> A Web Application Firewall is specifically designed to:
Detect and block web-based attacks, such as
o SQL injection
o Cross-site scripting (XSS)
o Cross-site request forgery (CSRF)
o Command injection
Protect HTTP/HTTPS traffic
Apply rules that analyze application-layer requests
Filter malicious payloads before they reach the server
Because the server is facing SQL injection attacks, a WAF is the correct and most effective solution.
An IT security team has been notified that external contractors are using their
personal laptops to gain access to the corporate network. The team needs to
recommend a solution that will prevent unapproved devices from accessing the
network.
Which solution fulfills these requirements?
A) Implementing a demilitarized zone (DMZ)
B) Installing a hardware security module
,C) Implementing port security
D) Deploying a software firewall
C) Implementing port security >>> Port security (typically on switches) restricts which devices
can connect to the network by controlling access based on MAC addresses.
This prevents unauthorized or unapproved devices—such as personal laptops—from connecting to internal
network ports.
Port security can be configured to:
Allow only approved MAC addresses
Disable a port if an unknown device connects
Generate alerts on violations
Limit the number of devices per port
The chief technology officer for a small publishing company has been tasked with
improving the company's security posture. As part of a network upgrade, the company
has decided to implement intrusion detection, spam filtering, content filtering, and
antivirus controls. The project needs to be completed using the least amount of
infrastructure while meeting all requirements.
Which solution fulfills these requirements?
A) Deploying an anti-spam gateway
B) Deploying a proxy server
C) Deploying a unified threat management (UTM) appliance
D) Deploying a web application firewall (WAF)
C) Deploying a unified threat management (UTM) appliance >>>A UTM appliance is a
single hardware or software solution that combines multiple security functions into one device.
This approach is specifically designed to simplify security management and minimize the number
of individual pieces of equipment needed. The functions typically integrated into a UTM device
include:
Intrusion detection (IDS/IPS)
Spam filtering
Content filtering
Antivirus controls
, Firewall
VPN capabilities
By deploying a single UTM appliance, the company avoids the need to purchase, configure, and
manage separate devices for each of the required security functions.
The security team plans to deploy an intrusion detection system (IDS) solution to alert
engineers about inbound threats. The team already has a database of signatures that
they want the IDS solution to validate.
Which detection technique meets the requirements?
A) Intrusion detection
B) Deep packet inspection
C) Signature-based detection
D) Intrusion prevention
C) Signature-based detection
An IT organization had a security breach after deploying an update to its production
web servers. The application currently goes through a manual update process a few
times per year. The security team needs to recommend a failback option for future
deployments.
Which solution fulfills these requirements?
A) Implementing a code scanner
B) Implementing code signing
C) Implementing versioning
D) Implementing a security requirements traceability matrix (SRTM)
C) Implementing versioning
A software development team is working on a new mobile application that will be used
by customers. The security team must ensure that builds of the application will be
trusted by a variety of mobile devices.
Which solution fulfills these requirements?
A) Code scanning
