Pass the WGU Courses and Certificates Cybersecurity-Architecture-and-Engineering Questions and answers with CertsForce

Encrypting stored (at rest) dataensures that even if the storage is compromised (e.g., stolen or accessed by unauthorized parties), the data remains unintelligible without the encryption keys.

NIST SP 800-111 (Guide to Storage Encryption Technologies):

“Data encryption provides confidentiality of information stored on media or storage systems, preventing unauthorized disclosure of sensitive data.”

Encryption is a core requirement forconfidentiality controls, especially for systems handling documents and records.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Apply data-at-rest encryption for secure information storage

A system administrator is responsible for managing, installing, and maintaining an organization's computer systems and networks. This role involves configuring new hardware, setting up user accounts, troubleshooting system and network issues, and ensuring the systems run efficiently.

The correct answer is A — Risk appetite.

As per the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) coursework, risk appetite defines the amount and type of risk an organization is willing to accept in pursuit of its objectives. It is a strategic-level metric used by executive leadership and boards to determine if the current level of risk exceeds what the organization is comfortable handling.

Risk evaluation plans (B) outline how risks are assessed, treatment plans (C) describe mitigation actions, and risk tolerance (D) is more operational, defining acceptable variation from the appetite but not the overall strategic limit.

Reference Extract from Study Guide:

"Risk appetite represents the amount of risk an organization is willing to pursue or retain and is established by senior leadership as part of governance activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Concepts

=============================================

The correct answer is C — Determine business processes and recovery criticality, identify resource requirements, and identify recovery priorities for system resources.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), a BIA identifies critical business functions, determines the impact of disruptions, and establishes recovery priorities, including resource needs.

A (monitoring) relates to incident response. B (developing BCP) is after BIA. D (recovery strategies) is part of disaster recovery planning after BIA findings.

Reference Extract from Study Guide:

"Business impact analysis (BIA) involves determining critical business processes, evaluating their recovery requirements, and prioritizing system recovery efforts."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Business Impact Analysis Procedures

=============================================

Scope creep refers to the phenomenon where the scope of a project gradually increases over time due to small, incremental changes that were not initially planned or approved. This can happen when:

New featuresor requirements are added without proper evaluation or approval.

Stakeholderscontinuously request small changes or additions.

Lack of a clear scope definitionand change control process.

These small changes can accumulate, leading to significant deviations from the original project plan, affecting the project's schedule, budget, and overall success.

References

Project Management Institute, "A Guide to the Project Management Body of Knowledge (PMBOK Guide)," PMI.

Kathy Schwalbe, "Information Technology Project Management," Cengage Learning.

The correct answer is B — Access logs.

As outlined in the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, access logs record who accessed which system components, when they did so, and what changes they made. These logs are vital for creating an audit trail that can be reviewed to detect unauthorized changes to applications or systems.

NetFlow logs (A) track network traffic flows but not system or application changes. Packet capture logs (C) deal with network data but are not specialized for auditing application-level events. Router logs (D) capture network device activity, not application access information.

Reference Extract from Study Guide:

"Access logs maintain detailed records of user actions within systems and applications, providing the necessary audit trail for tracking authorized and unauthorized activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Log Management Concepts

=============================================

A programming language is a formal language comprising a set of instructions that produce various kinds of output. Programming languages are used in computer programming to implement algorithms and manipulate data. They provide the vocabulary and grammatical rules for instructing a computer to perform specific tasks, allowing developers to write software programs that can be executed by a computer.

Obfuscating error messagesprevents attackers from receiving technical details (e.g., software version, file paths, or database errors) that they can use for exploitation. This is part ofsecure codinganderror handlingpractices.

OWASP Secure Coding Practices – Error Handling and Logging:

“Applications should not disclose detailed error messages to users. Instead, provide generic messages to prevent leakage of system or application details.”

HTTPS secures transport, but doesn't addressinformation disclosurevia error output.

????WGU Course Alignment:

Domain:Information Systems and Architecture

Topic:Implement secure design practices (e.g., error handling, obfuscation)

The relational model is the most common organizing principle of databases. In a relational database, data is organized into tables (or relations), where each table consists of rows andcolumns. Each row represents a record with a unique identifier, and each column represents a data field. This model allows for easy data retrieval and management through the use of structured query language (SQL).

Recovery Point Objective (RPO)defines themaximum acceptable amount of data lossmeasured in time. It determines how often backups should occur to avoid losing critical business data.

NIST SP 800-34 Rev. 1:

“RPO represents the point in time prior to an outage to which systems and data must be restored to resume business operations.”

CDP is a method; RPO is thestrategic planning metric.

????WGU Course Alignment:

Domain:Business Continuity and Disaster Recovery

Topic:Define RPO to support data resilience and backup planning