- Home
- WGU
- WGU Cybersecurity Architecture and Engineering (KFO1/D488)
- WGU.Cybersecurity-Architecture-and-Engineering.v2025-11-03.q85
- Question 26
Valid Cybersecurity-Architecture-and-Engineering Dumps shared by ExamDiscuss.com for Helping Passing Cybersecurity-Architecture-and-Engineering Exam! ExamDiscuss.com now offer the newest Cybersecurity-Architecture-and-Engineering exam dumps, the ExamDiscuss.com Cybersecurity-Architecture-and-Engineering exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Cybersecurity-Architecture-and-Engineering dumps with Test Engine here:
Access Cybersecurity-Architecture-and-Engineering Dumps Premium Version
(215 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 26/85
A company has recently experienced a data breach from an insider threat and wants to implement a policy to reduce the risk of similar incidents in the future. During the incident, the insider threat accessed sensitive information stored in the administrator account from their user account. The insider threat was not in a supervisory role at the time of the incident.
Which policy should the company implement?
Which policy should the company implement?
Correct Answer: C
The correct answer is C - Least privilege.
According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) course material, the principle of least privilege ensures that users are granted only the minimum level of access required to perform their job functions. In this case, if the insider only had access to resources necessary for their user role, they would not have been able to access sensitive administrative information.
Password complexity (A) strengthens account security but does not prevent excessive access. Separation of duties (B) divides critical tasks but is not solely about limiting access. Job rotation (D) moves employees between roles but is not an access control measure.
Reference Extract from Study Guide:
"The principle of least privilege requires limiting user access rights to the minimum necessary to perform their tasks, reducing the risk of insider threats and unauthorized access to sensitive information."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Access Control Principles
According to the WGU Cybersecurity Architecture and Engineering (KFO1 / D488) course material, the principle of least privilege ensures that users are granted only the minimum level of access required to perform their job functions. In this case, if the insider only had access to resources necessary for their user role, they would not have been able to access sensitive administrative information.
Password complexity (A) strengthens account security but does not prevent excessive access. Separation of duties (B) divides critical tasks but is not solely about limiting access. Job rotation (D) moves employees between roles but is not an access control measure.
Reference Extract from Study Guide:
"The principle of least privilege requires limiting user access rights to the minimum necessary to perform their tasks, reducing the risk of insider threats and unauthorized access to sensitive information."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Access Control Principles
- Question List (85q)
- Question 1: A company is concerned about the potential risks associated ...
- Question 2: What is a function of a proxy server?...
- Question 3: A healthcare organization has experienced a ransomware attac...
- Question 4: A cybersecurity analyst at a manufacturing company is tasked...
- Question 5: A system analyst is reviewing risk documents and noticed tha...
- Question 6: What is scope creep?
- Question 7: Which risk management strategy will help prevent cheating us...
- Question 8: A security analyst for a financial institution is in the pro...
- Question 9: Which two languages are scripted? Choose 2 answers...
- Question 10: Which statement best describes the purpose of a business int...
- Question 11: An IT organization has recently migrated its servers to the ...
- Question 12: A software development company uses file transfer protocol (...
- Question 13: A cloud hosting provider is concerned about the potential ri...
- Question 14: A company is concerned about advanced persistent threats and...
- Question 15: A company wants to improve the security of its software deve...
- Question 16: Which database has multiple tables with interrelated fields?...
- Question 17: An organization's engineering team is developing a mobile ap...
- Question 18: Which technique allows someone to obtain a password while it...
- Question 19: A software development company is required to comply with th...
- Question 20: A financial institution is concerned about a potential data ...
- Question 21: Which key exchange algorithm is based on advanced cryptograp...
- Question 22: Which stream cipher is a variant of the Salsa20 cipher, desi...
- Question 23: Which IT role is responsible for the installation and mainte...
- Question 24: An organization wants to securely transmit sensitive informa...
- Question 25: What is the role of the compiler?...
- Question 26: A company has recently experienced a data breach from an ins...
- Question 27: Which type of services are Google Apps, Dropbox. and GoToMee...
- Question 28: Which security technique should be used to prevent data exfi...
- Question 29: An organization's board of directors is reviewing the risk r...
- Question 30: An IT organization recently implemented a hybrid cloud deplo...
- Question 31: A software development company has experienced a noticeable ...
- Question 32: The security team manages a set of legacy firewalls that hav...
- Question 33: After a recent security assessment, it was discovered that m...
- Question 34: An IT organization has recently implemented a hybrid cloud d...
- Question 35: Which item is an input device?
- Question 36: What is the correct order of project phases?...
- Question 37: Which encryption technique can be used to enable a third-par...
- Question 38: A large healthcare provider is acquiring a small clinic and ...
- Question 39: Why are businesses beginning to use big data?...
- Question 40: What is the typical organizing principle of a database?...
- Question 41: A company has identified a potential risk associated with a ...
- Question 42: An organization sends customers e-mail messages based on the...
- Question 43: What is a common characteristic of a proprietary software li...
- Question 44: A company is preparing to test its disaster recovery plan, w...
- Question 45: Which risk management strategy will ensure the secure config...
- Question 46: A cybersecurity analyst at a healthcare organization was tas...
- Question 47: Match the legislative purpose with the corresponding legisla...
- Question 48: A company is developing a new system to process personal inf...
- Question 49: Which motherboard component is used for short-term storage o...
- Question 50: An organization wants to implement a new encryption solution...
- Question 51: A retail company has recently implemented a new point of sal...
- Question 52: Management has asked its networking team to recommend a solu...
- Question 53: Which item information should be stored in a database to det...
- Question 54: What is a component of IT infrastructure?...
- Question 55: A company wants to secure its computer systems and prevent a...
- Question 56: A company is planning to implement a new cloud-based system ...
- Question 57: A financial institution conducted a cybersecurity assessment...
- Question 58: Which algorithm is suitable for ensuring the integrity of di...
- Question 59: A financial services company is concerned about the potentia...
- Question 60: A healthcare organization is concerned about the potential r...
- Question 61: A small start-up is setting up its first network, and it nee...
- Question 62: Which is true about access rights?...
- Question 63: Which life cycle is part of the process for planning, creati...
- Question 64: A government agency needs to deploy a secure network connect...
- Question 65: Which risk management strategy will ensure the secure storag...
- Question 66: The security team has been tasked with selecting a password ...
- Question 67: Which risk management strategy will ensure that data stored ...
- Question 68: A company is concerned about the security of its users' pass...
- Question 69: What are two roles of a DNS? Choose 2 answers...
- Question 70: Which type of systems testing includes having end users test...
- Question 71: An employee needs to execute a program from the command line...
- Question 72: A company wants to ensure that the integrity of its systems ...
- Question 73: A company has recently failed a security audit. Many of the ...
- Question 74: A company is developing a new mobile application to support ...
- Question 75: An IT organization needs to enable secure communication acro...
- Question 76: How do data support an organization's business goals?...
- Question 77: A corporate website is currently being redesigned, which lea...
- Question 78: Which risk management strategy will supplement privacy requi...
- Question 79: Which peripheral replaces the mouse on a mobile device?...
- Question 80: Which IT role is responsible for installing new hardware and...
- Question 81: In which type of network topology are the networked devices ...
- Question 82: A software development company is concerned about the potent...
- Question 83: Which software allows the user to easily access the hardware...
- Question 84: Which characteristic identifies intranet application softwar...
- Question 85: An e-commerce company has recently experienced a data breach...
[×]
Download PDF File
Enter your email address to download WGU.Cybersecurity-Architecture-and-Engineering.v2025-11-03.q85.pdf