WGU Updated Cybersecurity-Architecture-and-Engineering Exam Questions and Answers by nyra

The correct answer is C — Constantly scan for known signatures on every machine.

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), scanning for known malware signatures is an essential method for detecting infections such as botnets. Signature-based detection compares files and behaviors against databases of known indicators of compromise (IOCs).

Two-factor authentication (A) protects login processes but does not detect malware. Firewall rules (B) help control access but do not detect infections. Configuration management (D) ensures system setup integrity but does not detect botnets.

Reference Extract from Study Guide:

"Signature-based scanning detects malware and botnets by comparing system files and behaviors against databases of known threats and indicators of compromise (IOCs)."

— WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Malware Detection and Threat Response

DMCA (Digital Millennium Copyright Act)

Purpose: The DMCA makes it illegal to violate copyrights by disseminating digitized material.

The DMCA was enacted in 1998 to address the issues of digital rights management and copyright infringement in the digital age. It provides legal protection to copyright holders against unauthorized copying, sharing, and distribution of their digital works. The legislation criminalizes the production and dissemination of technology, devices, or services intended tocircumvent measures that control access to copyrighted works (commonly known as DRM—Digital Rights Management).

DMCA Overview - U.S. Copyright Office

HIPAA (Health Insurance Portability and Accountability Act)

Purpose: Prohibits agencies from distributing an individual's health information without the individual's consent.

HIPAA, enacted in 1996, is designed to protect individuals' medical records and other personal health information. The Privacy Rule under HIPAA sets standards for the protection of health information by health plans, healthcare clearinghouses, and healthcare providers that conduct certain healthcare transactions electronically. It mandates the protection and confidential handling of protected health information (PHI).

Tabletop exercisessimulate emergency scenarios in alow-risk, discussion-based format, allowing teams to walk through recovery procedures and decision-making without disrupting actual business operations.

NIST SP 800-84 (Guide to Test, Training, and Exercise Programs):

“Tabletop exercises are effective tools for validating plans and procedures in a discussion format without impacting normal operations.”

Full interruption tests are disruptive; checklists and walkthroughs offer lower fidelity evaluations.

????WGU Course Alignment:

Domain:Business Continuity and Disaster Recovery

Topic:Test disaster plans using low-impact simulation techniques

Applyingregular updates and patchesis fundamental to risk mitigation. Choosing ahybrid cloud topologyallows the financial institution to retaincritical services in-housewhile leveragingcloud scalabilityfor high-volume transactions.

NIST SP 800-160 Vol. 1 (Systems Security Engineering):

“Security patching is essential for mitigating vulnerabilities, especially in high-assurance environments like financial systems.”

Thehybrid modelbalancesperformance, control, and security, which is vital for core banking systems.

????WGU Course Alignment:

Domain:System Security Engineering

Topic:Apply risk mitigation techniques and choose secure deployment topologies