Pass the WGU Courses and Certificates Cybersecurity-Architecture-and-Engineering Questions and answers with ValidTests

The development of scope creep is often signaled by the addition of many unplanned features to the original project. This indicates that the project scope is expanding beyond its initial boundaries. Key indicators include:

Uncontrolled changesto the project scope.

Continuous new requestsfrom stakeholders that were not part of the original requirements.

Increased project complexityand difficulty in managing the project timeline and resources.

Scope creep can lead to delays, budget overruns, and project failure if not managed properly.

References

Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK Guide)," PMI.

Harold Kerzner, "Project Management: A Systems Approach to Planning, Scheduling, and Controlling," Wiley.

An unknown IP address successfully logging in viaSSHindicates that authentication was achieved — likely due toweak or reused passwords. This is not enumeration or vulnerability exploitation, but acredential-based compromise.

NIST SP 800-118 (Guide to Enterprise Password Management):

“Weak, default, or reused passwords are among the most exploited vulnerabilities in enterprise networks, particularly on remote access services such as SSH.”

This is one of the most common findings inSIEM alertswhen password policies and access control mechanisms are improperly enforced.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Implement strong authentication practices and monitor remote access

The correct answer is D — Mission essential functions (MEFs).

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) specifies that mission essential functions (MEFs) are those activities that must be maintained or resumed quickly during or after a disruption to ensure continuity of critical operations, particularly for government agencies.

BCP (A) is the plan itself. DR (B) focuses on IT and system recovery. RPO (C) measures acceptable data loss but does not define critical services.

Reference Extract from Study Guide:

"Mission essential functions (MEFs) are critical activities that must be performed continuously or resumed quickly after disruption to support business or agency operations."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Continuity of Operations Planning

=============================================

IT infrastructure encompasses all the physical and virtual resources that support the flow,storage, processing, and analysis of data. Networks, which include the internet, intranets, and extranets, are fundamental components of IT infrastructure as they enable communication and data exchange between different hardware and software components.

The correct answer is D — Implementation of data encryption.

As per WGU Cybersecurity Architecture and Engineering (KFO1 / D488), encrypting data at rest ensures that even if attackers breach the system and obtain files, the data remains protected because it cannot be easily read without decryption keys.

Firewall enforcement (A) restricts access but does not protect data if stolen. Disabling printing services (B) limits data leakage but not core data protection. Backups (C) help with recovery, not immediate breach protection.

Reference Extract from Study Guide:

"Encrypting sensitive data ensures confidentiality even in the event of a security breach, protecting information from unauthorized exploitation."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Data Security and Encryption Practices

=============================================

The correct answer is C — Integration testing.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), integration testing verifies that different modules or components of an application work together as intended.This type of testing is essential after deployment to ensure the overall system functions correctly across all tiers (e.g., web, application, and database layers).

Static code analysis (A) examines source code without execution. Dynamic code analysis (B) tests running code for vulnerabilities but not necessarily component interaction. Package scanning (D) reviews third-party libraries for vulnerabilities but does not test integration.

Reference Extract from Study Guide:

"Integration testing verifies that multiple components of an application function correctly when combined, ensuring end-to-end system reliability post-deployment."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Secure Software Development and Testing

The correct answer is A — Electronic codebook (ECB).

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), ECB mode is the simplest and most basic mode of operation for block ciphers. It encrypts each block of plaintext independently with the same key, but identical plaintext blocks produce identical ciphertext blocks, providing no additional confidentiality beyond the block cipher itself and making patterns visible.

CBC (B), CTR (C), and OFB (D) are more secure and avoid patterns.

Reference Extract from Study Guide:

"Electronic Codebook (ECB) mode encrypts each block independently and is simple but reveals patterns when identical plaintext blocks occur, thus offering minimal confidentiality beyond the underlying cipher."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Block Cipher Modes of Operation

=============================================

Encrypting stored (at rest) dataensures that even if the storage is compromised (e.g., stolen or accessed by unauthorized parties), the data remains unintelligible without the encryption keys.

NIST SP 800-111 (Guide to Storage Encryption Technologies):

“Data encryption provides confidentiality of information stored on media or storage systems, preventing unauthorized disclosure of sensitive data.”

Encryption is a core requirement forconfidentiality controls, especially for systems handling documents and records.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Apply data-at-rest encryption for secure information storage

The second generation of computers (1956-1963) saw the introduction of transistors, which replaced vacuum tubes used in the first generation. Transistors allowed computers to be smaller, faster, more reliable, and more energy-efficient compared to their predecessors.

The correct answer is A — Conducting regular vulnerability assessments and penetration testing.

According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, performing vulnerability assessments and penetration testing helps identify weaknesses in both hardware and virtual environments. Regular testing ensures that any hardware-related vulnerabilities are discovered and addressed before they can be exploited.

Disabling CPU virtualization support (B) would prevent virtual machines from running, defeating the purpose. A web application firewall (C) monitors traffic at the application layer but does not address hardware risks. Access control policies (D) are important but not directly tied to detecting hardware vulnerabilities.

Reference Extract from Study Guide:

"Regular vulnerability assessments and penetration testing identify weaknesses in hardware and software environments, providing critical insights for maintaining a hardened and secure posture."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Security Testing and Assessment

=============================================