Free Access WGU Cybersecurity-Architecture-and-Engineering New Release

The correct answer is C — Intrusion prevention system.

WGU Cybersecurity Architecture and Engineering (KFO1 / D488) states that an Intrusion Prevention System (IPS) actively monitors network traffic and can block malicious activity in real-time. It can enforce rules like blocking an IP address after multiple failed SSH login attempts, stopping brute force attacks.

DLP (A) focuses on preventing sensitive data loss. A firewall (B) controls network traffic but generally does not automatically block based on login attempts unless highly customized. File integrity monitoring (D) watches file changes, not login attempts.

Reference Extract from Study Guide:

"An intrusion prevention system (IPS) monitors network traffic for malicious activities and can automatically block connections that meet predefined suspicious criteria."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Intrusion Detection and Prevention Systems

=============================================

The goal in this scenario is tosecure the application against malware and advanced persistent threats (APTs). According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) course materials:

Firewall policiesare critical forcontrolling accessto applications and network resources.

By implementing astrict firewall policy, you limit access to only trusted and necessary sources, greatly reducing the attack surface available to malware or APT actors.

While antivirus software (Option C) can help detect malware,APT actors often use sophisticated methodsthat bypass traditional antivirus tools.

Encryption (Option A) protectsdata confidentialitybutdoes not preventmalware or APTs from attacking the application.

Strong password policies (Option B) helpwith account securitybutdo not directly addressmalware or APT threats.

Key extract from the WGU D488 Study Guide:

"A strict firewall policy is essential for preventing unauthorized access and mitigating advanced persistent threats. Limiting exposure through segmentation, access control lists, and traffic filtering protects critical assets from external and internal threats."

The correct answer is B — Access logs.

As outlined in the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, access logs record who accessed which system components, when they did so, and what changes they made. These logs are vital for creating an audit trail that can be reviewed to detect unauthorized changes to applications or systems.

NetFlow logs (A) track network traffic flows but not system or application changes. Packet capture logs (C) deal with network data but are not specialized for auditing application-level events. Router logs (D) capture network device activity, not application access information.

Reference Extract from Study Guide:

"Access logs maintain detailed records of user actions within systems and applications, providing the necessary audit trail for tracking authorized and unauthorized activities."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Log Management Concepts

=============================================

The correct answer is B — Log analysis.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488) curriculum, log analysis is critical for retrospective threat hunting — reviewing system, network, and application logs to identify signs of compromise or unauthorized activities that might have gone unnoticed in real-time. This technique helps uncover attacks that have already occurred in hybrid or cloud environments.

Honeypots (A) are proactive traps to detect future attacks. Social engineering (C) involves manipulating people, not hunting threats. Penetration testing (D) is used to find vulnerabilities, not to review past incidents.

Reference Extract from Study Guide:

"Threat hunting through log analysis involves systematically reviewing collected logs to uncover evidence of past or ongoing compromises, enabling organizations to identify and respond to threats that may have bypassed preventive controls."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Threat Detection and Hunting Concepts

Of course!

Here are the verified and properly formatted answers for your next set of questions, strictly following your instructions and the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) official course materials:

=============================================