WGU (KFO1/D488) Cybersecurity Architecture and Engineering Exam Questions Instant Access

Question 1

What is true about an operating system?

AIt is a firmware burned onto the computer mother board.

BIt is a software program that directly supports the computer itself.

CIt is a hardware component of the computer system.

DIt is an application program similar to word processors.

Answer : B

Anoperating system (OS)is a system software that manages computer hardware and software resources and provides common services for computer programs.

It serves as an intermediary between users and the computer hardware.

Key functionsof an OS include:

Managinghardware resourceslike the CPU, memory, and I/O devices.

Providing auser interface(UI) for interaction with the system.

File managementand handling file operations.

Process managementand multitasking.

Securityand access control.

Examples include Windows, Linux, and macOS.

'Operating System Concepts' by Abraham Silberschatz, Greg Gagne, and Peter B. Galvin.

'Modern Operating Systems' by Andrew S. Tanenbaum.

Question 2

What is the role of the compiler?

ATo take the most recent line of code, translate it, and execute the machine code

BTo create an executable program by translating all of the code at one time

CTo run scripting languages to test one line of code at a time

DTo create executable code that is compatible with different operating systems

Answer : B

Step by Step Comprehensive Detailed Explanation

A compiler is a program that translates source code written in a high-level programming language into machine code.

Definition: A compiler processes the entire source code of a program and translates it into a machine code executable.

Functionality: This process is typically done in several stages, including lexical analysis, syntax analysis, semantic analysis, optimization, and code generation.

Output: The result is an executable file that can be run on a specific operating system.

Reference

'Compilers: Principles, Techniques, and Tools' by Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman

NISTIR 7860, 'C++ Coding Standards'

Question 3

A software development company is concerned about the potential risks associated with exploits that target vulnerabilities in the Linux operating system used by the company's servers. The company has decided to implement hardening techniques and endpoint security controls to mitigate the risk.

Which hardening technique will meet the needs of this company?

AImplementing a host-based intrusion detection and prevention system

BEnforcing strict access control policies for all users

CImplementing shell restrictions

DConducting regular security assessments and penetration testing

Answer : C

The correct answer is C --- Implementing shell restrictions.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), shell restrictions on Linux systems can prevent users (or attackers) from executing unauthorized commands, significantly reducing the exploitation risk on Linux servers.

Host-based IDPS (A) detects attacks but does not directly harden the OS. Access control (B) andassessments/penetration testing (D) are important but do not focus specifically on securing the Linux shell environment.

Reference Extract from Study Guide:

'Implementing shell restrictions on Linux systems minimizes the attack surface by limiting the ability of users and processes to execute unauthorized commands.'

--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Linux System Hardening Techniques

Question 4

A retail company has recently implemented a new point of sale (POS) system that is critical to its business.

Which security control is essential for protecting the availability of the POS system?

ABacking up the data stored in the POS system and having a disaster recovery plan

BRegularly updating the POS system with the latest security patches

CImplementing intrusion detection and prevention systems

DEnforcing strict access controls on the POS system

Answer : B

Theavailabilityof the POS system depends on itsresilience against known vulnerabilities. Applyingregular security patchesensures that attackers cannot exploit outdated components, which could crash or disrupt the POS system.

NIST SP 800-40 Rev. 3 (Guide to Enterprise Patch Management):

''Prompt application of security patches mitigates vulnerabilities that can be exploited to disrupt system availability or compromise data.''

Backups protect from data loss, butpatching is proactive protectionfor uptime and availability.

WGU Course Alignment:

Domain:Security Operations and Monitoring

Topic:Maintain system availability through proactive patch management

Question 5

A company has recently experienced a data breach in which customer information was stolen. The company is concerned about the potential for future data breaches. A review of the incident revealed that the breach originated from stolen credentials.

Which security measure will meet the needs of this company?

AImplementing two-factor authentication

BConducting background checks on employees

CProviding regular security awareness training to employees

DInstalling a security information and event management (SIEM) system

Answer : A

The correct answer is A --- Implementing two-factor authentication.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) content, two-factor authentication (2FA) strengthens authentication processes by requiring users to provide two forms of evidence (e.g., password + SMS code or authentication app) before accessing systems. Even if credentials are stolen, without the second factor, attackers would be unable to log in.

Background checks (B) are important for insider threats but not stolen external credentials. Security awareness training (C) is good practice but does not technically prevent the misuse of stolen credentials. SIEM systems (D) help detect breaches but do not stop unauthorized access at the authentication layer.

Reference Extract from Study Guide:

'Two-factor authentication mitigates the risks associated with credential theft by requiring an additional factor, significantly improving the security posture.'

--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Authentication and Identity Management

=============================================

Question 6

What is one purpose of an End User License Agreement?

AAllow customers to legally create and sell a new version of the software

BAllow customers to legally use the software

CAllow customers to legally modify and compile the source code

DAllow customers to legally distribute the application to other users

Answer : B

AnEnd User License Agreement (EULA)is a legal contract between the software manufacturer and the user.

The primary purpose of a EULA is togrant the user the right to use the software.

It outlines the terms and conditions under which the software can be used.

This can include restrictions on installation, distribution, and modification.

The EULA helps protect the intellectual property rights of the software creator.

'Software Licensing Handbook' by Jeffrey I. Gordon.

'Intellectual Property and Open Source' by Van Lindberg.

Question 7

After implementing a risk management plan for a new product launch, a project team conductedregular risk assessments to monitor the effectiveness of their control strategies.

Which step of the risk management life cycle was performed?

AControl

BAssess

CIdentify

DReview

Answer : D

The correct answer is D --- Review.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) describes that the review phase of the risk management cycle involves evaluating whether the implemented controls are effective over time. Conducting regular risk assessments after deployment falls under the review process.

Control (A) is about applying mitigations. Assess (B) happens earlier during initial evaluation. Identify (C) was done before applying the controls.

Reference Extract from Study Guide:

'Reviewing the effectiveness of risk control strategies through ongoing assessments ensures continuous improvement in risk management practices.'

--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Review and Continuous Improvement

WGU Cybersecurity Architecture and Engineering (KFO1/D488) WGU (KFO1/D488) Cybersecurity Architecture and Engineering Exam Questions