Free WGU Cybersecurity-Architecture-and-Engineering Practice Exam with Questions & Answers | Set: 2

Alpha testing is a type of system testing that involves having end users test the system with simulated data and the help of the developer. This phase is crucial because:

Early feedback: Users provide early feedback on the usability and functionality of the system.

Bug identification: Developers can identify and fix bugs before the system is released for beta testing or production.

Simulated environment: The testing is done in a controlled, simulated environment, often within the development organization.

Alpha testing is followed by beta testing, where the system is tested in a real-world environment by end users without the developers' direct involvement.

References

Ron Patton, "Software Testing," Sams Publishing.

Glenford J. Myers, "The Art of Software Testing," Wiley.

The correct answer is A — Implementation of real-time transaction monitoring.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), real-time transaction monitoring detects and alerts suspicious banking activities immediately, helping prevent credit card fraud and securing the online banking system during deployment and use.

Strict firewall policies (B) help secure access but are not transaction-specific. Disabling email (C) and performing backups (D) are good practices but do not directly address fraud prevention.

Reference Extract from Study Guide:

"Real-time transaction monitoring identifies suspicious activities, providing immediate detection and prevention of fraudulent transactions in online banking systems."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Financial Systems and Fraud Prevention Strategies

=============================================

A system requirement that involves preventing unauthorized access to data is aSecurityrequirement. Security requirements ensure that the system:

Protects data integrity: Ensuring data is accurate and unchanged by unauthorized users.

Maintains confidentiality: Preventing unauthorized access to sensitive information.

Ensures availability: Making sure that data and resources are available to authorized users when needed.

Security requirements are critical for safeguarding the system against threats and vulnerabilities.

References

Dieter Gollmann, "Computer Security," Wiley.

Ross Anderson, "Security Engineering: A Guide to Building Dependable Distributed Systems," Wiley.

The SQL statementSELECT * FROM Customers WHERE State = 'Arizona';is used to select records from theCustomerstable.

TheSELECT *clause indicates that all columns from theCustomerstable should be returned.

TheWHEREclause filters the rows to only include those where theStatecolumn value is'Arizona'.

The result is a subset of theCustomerstable with all rows that match the condition.

The correct answer is B — Firewall.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), firewalls are critical for securing external network perimeters by filtering incoming and outgoing traffic based on predefined security rules. This control is a foundational requirement under FISMA to prevent unauthorized access.

IDS/IPS (A) monitor and detect attacks but are secondary to establishing the initial network boundary. Access controls (C) manage user permissions inside a system. Network segmentation (D) divides internal networks but does not protect the external boundary.

Reference Extract from Study Guide:

"Firewalls are the first line of defense for securing external networks, providing traffic filtering to prevent unauthorized access, aligning with FISMA compliance requirements."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Network Security Fundamentals

=============================================

The correct answer is C — Assess.

As per WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, after risks have been identified, the next step in the risk management life cycle is to assess them. Assessment involves analyzing and prioritizing the risks based on their potential impact and likelihood. Only after assessment can proper strategies be formulated for controlling and mitigating the risks.

Identification (A) occurs before assessment, while reviewing (B) and controlling (D) happen later in the process.

Reference Extract from Study Guide:

"Following the identification of risks, the risk management process proceeds to risk assessment, where risks are analyzed and prioritized based on likelihood and impact to guide mitigation efforts."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Process

=============================================

The relational model is the most common organizing principle of databases. In a relational database, data is organized into tables (or relations), where each table consists of rows andcolumns. Each row represents a record with a unique identifier, and each column represents a data field. This model allows for easy data retrieval and management through the use of structured query language (SQL).

Competitorsare known to engage in corporate espionage for business advantage. When intellectual property is targeted (like eBooks, videos), it often indicates acommercial motive, rather than political (hacktivist), state-sponsored (APT), or random (novice hacker) reasons.

NIST SP 800-30 Rev. 1 (Guide for Conducting Risk Assessments):

“Threat sources include adversarial actors such as competitors seeking proprietary or confidential business information.”

The data theft of commercial products strongly aligns with anadversarial actor motivated by business gain, a hallmark of competitor-driven threat modeling.

????WGU Course Alignment:

Domain:Security Models and Design

Topic:Understand threat actor types and motivations (e.g., competitors, insiders, nation-states)

The correct answer is D — Identity federation.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) details that identity federation enables users to authenticate using the same credentials across multiple systems and platforms, including hybrid cloud and on-premises environments. Federation facilitates Single Sign-On (SSO) and seamless authentication.

Two-step verification (A) improves authentication strength but does not federate identities. CHAP (B) is an old protocol for PPP connections. Privileged identity management (C) manages high-privilege accounts, not general user access across domains.

Reference Extract from Study Guide:

"Identity federation allows for seamless authentication across on-premises and cloud environments by trusting external identity providers, supporting Single Sign-On (SSO) and hybrid deployments."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Federation and Identity Management Concepts

DNSSEC (Domain Name System Security Extensions)is a security protocol that adds cryptographic validation to DNS responses, making it nearly impossible for attackers to spoof DNS responses or redirect users to malicious sites.

NIST SP 800-81 Rev. 2 (Secure Domain Name System (DNS) Deployment Guide):

“DNSSEC provides data origin authentication and data integrity to DNS responses using digital signatures, effectively mitigating spoofing and cache poisoning attacks.”

While patching and awareness are important, DNSSECdirectly mitigatesthe technical risk described.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Implement DNS hardening techniques such as DNSSEC