Page 1 of 617
WGU D488 Cybersecurity Architecture and
Engineering OA EXAM A&B 2026-2027 COMPLETE
1200 QUESTIONS AND VERIFIED SOLUTIONS
LATEST UPDATE THIS YEAR
D488 - Cybersecurity Architecture & Engineering OA
QUESTION: A network technician is asked by their manager to update security to block several
known bad actor IP addresses.
A - Signature rules
B - Firewall rules
C - Behavior rules
D - Data loss prevention (DLP) rules - ANSWER-B - Firewall rules
Firewall rules can be set up to deny traffic coming from known malicious IP addresses.
QUESTION: On a shopping website, there is a 500-millisecond delay when the authorized
payment button is selected for purchases. Attackers have been running a script to alter the final
,Page 2 of 617
payment that takes 200 milliseconds. Which vulnerability on the website is being targeted by
the attackers?
A - Buffer Overflow
B - Integer Overflow
C - Broken Authentication
D - Race Condition - ANSWER-D - Race Condition
A race condition occurs when multiple processes or actions are executed simultaneously, and
the outcome depends on the sequence or timing of events.
QUESTION: A company wants to provide laptops to its employees so they can work remotely.
What should be implemented to ensure only work applications can be installed on company
laptops?
A - Containerization
B - Token-based access
C - Patch repository
D - Whitelisting - ANSWER-D - Whitelisting
,Page 3 of 617
Whitelisting ensures that only approved applications can be installed and executed on company
laptops.
QUESTION: What should a business use to provide non-repudiation for emails between
employees?
A - TLS/SSL
B - AES-256
C - S/MIME
D - IPSec - ANSWER-C - S/MIME (Secure/Multipurpose Internet Mail Extensions)
S/MIME provides non-repudiation for emails by using digital signatures.
QUESTION: Which strategy is appropriate for a risk management team to determine if a
business has insufficient security controls?
A - Qualitative assessment
B - Gap assessment
, Page 4 of 617
C - Quantitative risk assessment
D - Impact assessment - ANSWER-B - Gap assessment
A gap assessment identifies the gaps between the current security control and the desired or
required levels of security.
Q; Which type of security should a business use on its layer 2 switch to isolate the finance
network from other departmental networks?
A - Virtual Private Network (VPN)
B - Internet Protocol Security (IPSec)
C - Virtual Local Area Network (VLAN)
D - Remotely Triggered Black Hole (RTBH) - ANSWER-C - Virtual Local Area Network (VLAN)
VLANs allow companies to logically segment network traffic, ensuring devices on different
VLANs cannot communicate unless otherwise specified in a layer 3 device like a router.
WGU D488 Cybersecurity Architecture and
Engineering OA EXAM A&B 2026-2027 COMPLETE
1200 QUESTIONS AND VERIFIED SOLUTIONS
LATEST UPDATE THIS YEAR
D488 - Cybersecurity Architecture & Engineering OA
QUESTION: A network technician is asked by their manager to update security to block several
known bad actor IP addresses.
A - Signature rules
B - Firewall rules
C - Behavior rules
D - Data loss prevention (DLP) rules - ANSWER-B - Firewall rules
Firewall rules can be set up to deny traffic coming from known malicious IP addresses.
QUESTION: On a shopping website, there is a 500-millisecond delay when the authorized
payment button is selected for purchases. Attackers have been running a script to alter the final
,Page 2 of 617
payment that takes 200 milliseconds. Which vulnerability on the website is being targeted by
the attackers?
A - Buffer Overflow
B - Integer Overflow
C - Broken Authentication
D - Race Condition - ANSWER-D - Race Condition
A race condition occurs when multiple processes or actions are executed simultaneously, and
the outcome depends on the sequence or timing of events.
QUESTION: A company wants to provide laptops to its employees so they can work remotely.
What should be implemented to ensure only work applications can be installed on company
laptops?
A - Containerization
B - Token-based access
C - Patch repository
D - Whitelisting - ANSWER-D - Whitelisting
,Page 3 of 617
Whitelisting ensures that only approved applications can be installed and executed on company
laptops.
QUESTION: What should a business use to provide non-repudiation for emails between
employees?
A - TLS/SSL
B - AES-256
C - S/MIME
D - IPSec - ANSWER-C - S/MIME (Secure/Multipurpose Internet Mail Extensions)
S/MIME provides non-repudiation for emails by using digital signatures.
QUESTION: Which strategy is appropriate for a risk management team to determine if a
business has insufficient security controls?
A - Qualitative assessment
B - Gap assessment
, Page 4 of 617
C - Quantitative risk assessment
D - Impact assessment - ANSWER-B - Gap assessment
A gap assessment identifies the gaps between the current security control and the desired or
required levels of security.
Q; Which type of security should a business use on its layer 2 switch to isolate the finance
network from other departmental networks?
A - Virtual Private Network (VPN)
B - Internet Protocol Security (IPSec)
C - Virtual Local Area Network (VLAN)
D - Remotely Triggered Black Hole (RTBH) - ANSWER-C - Virtual Local Area Network (VLAN)
VLANs allow companies to logically segment network traffic, ensuring devices on different
VLANs cannot communicate unless otherwise specified in a layer 3 device like a router.
