
WGU (KFO1/D488) Cybersecurity Architecture and Engineering Exam - Topic 3 Question 2 Discussion

Actual exam question for WGU's WGU (KFO1/D488) Cybersecurity Architecture and Engineering exam
Question #: 2
Topic #: 3

An IT organization recently implemented a hybrid cloud deployment. The security team must be able to correlate event data combined from different sources in a central location.

What is the best solution?

Suggested Answer: D

The correct answer is D --- Security information and event management (SIEM).

According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), a SIEM collects and correlates event data from multiple sources (such as cloud and on-premises environments) in real time. It provides centralized visibility, analysis, and alerting, which is critical in hybrid cloud deployments.

File integrity monitoring (A) watches for unauthorized file changes, not event correlation. DLP (B) protects sensitive data but does not correlate events. IDS (C) detects network intrusions but does not combine event data centrally.

Reference Extract from Study Guide:

'Security information and event management (SIEM) systems collect, normalize, correlate, and analyze security event data from multiple sources, providing centralized monitoring and alerting.'

--- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Security Monitoring and Event Management
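
The collect, normalize and correlate steps named in the extract above, as an added Python example that is not part of the original page or the WGU material. The log lines, the cloud audit field names (`eventTime`, `service`, `principal`, `sourceIp`, `status`) and the correlation rule are constructed assumptions, not any vendor's schema.

```python
import json
import re
from datetime import datetime, timedelta

# Constructed sample input; the cloud record fields are a hypothetical schema.
ONPREM_SYSLOG = """\
2026-01-10T09:00:01+00:00 vpn01 sshd[311]: Failed password for alice from 203.0.113.7 port 50112 ssh2
2026-01-10T09:00:05+00:00 vpn01 sshd[311]: Failed password for alice from 203.0.113.7 port 50113 ssh2
2026-01-10T09:00:09+00:00 vpn01 sshd[312]: Failed password for bob from 203.0.113.7 port 50114 ssh2
2026-01-10T09:01:00+00:00 vpn01 sshd[313]: Accepted password for carol from 198.51.100.20 port 40001 ssh2
2026-01-10T09:02:00+00:00 vpn01 cron[88]: job started"""
CLOUD_AUDIT = [
    '{"eventTime": "2026-01-10T09:03:30+00:00", "service": "iam", "principal": "bob", "sourceIp": "203.0.113.7", "status": "Success"}',
    '{"eventTime": "2026-01-10T09:05:00+00:00", "service": "iam", "principal": "carol", "sourceIp": "198.51.100.20", "status": "Success"}',
]
SSHD = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<res>Failed|Accepted) "
                  r"password for (?P<user>\S+) from (?P<ip>\S+)")

def normalize_syslog(line):
    """Map one sshd syslog line to the common schema; None if it is not an auth event."""
    m = SSHD.match(line)
    if not m:
        return None
    outcome = "failure" if m["res"] == "Failed" else "success"
    return {"time": datetime.fromisoformat(m["ts"]), "source": "onprem:" + m["host"],
            "user": m["user"], "ip": m["ip"], "outcome": outcome}

def normalize_cloud(record):
    """Map one cloud audit JSON record to the same schema."""
    e = json.loads(record)
    return {"time": datetime.fromisoformat(e["eventTime"]), "source": "cloud:" + e["service"],
            "user": e["principal"], "ip": e["sourceIp"], "outcome": e["status"].lower()}

def collect():
    """Central collection: normalize every source and drop lines that did not parse."""
    events = [normalize_syslog(l) for l in ONPREM_SYSLOG.splitlines()]
    events += [normalize_cloud(r) for r in CLOUD_AUDIT]
    return [e for e in events if e is not None]

def correlate(events, threshold=3, window=timedelta(minutes=10)):
    """Alert when >= threshold failures from one IP precede a success on another source."""
    alerts = []
    for ok in (e for e in events if e["outcome"] == "success"):
        fails = [e for e in events if e["outcome"] == "failure" and e["ip"] == ok["ip"]
                 and timedelta(0) <= ok["time"] - e["time"] <= window]
        sources = {e["source"] for e in fails}
        if len(fails) >= threshold and sources - {ok["source"]}:
            alerts.append({"ip": ok["ip"], "user": ok["user"], "failures": len(fails),
                           "failed_on": sorted(sources), "succeeded_on": ok["source"]})
    return alerts
```

Neither source raises the alert on its own: the on-premises log shows only failed logins from the address and the cloud log shows only one successful login, so the pattern appears only once both feeds share a schema in one place.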

=============================================


Contribute your Thoughts:

Katlyn
14 hours ago
Wait, isn't FIM also important for security?
upvoted 0 times
...
Aimee
6 days ago
I think IDS could work too, but SIEM is more comprehensive.
upvoted 0 times
...
Mirta
11 days ago
SIEM is definitely the way to go for centralizing event data.
upvoted 0 times
...
Louvenia
16 days ago
D) SIEM? More like SCREAM when you see the price tag! But hey, gotta do what you gotta do.
upvoted 0 times
...
Isabelle
21 days ago
D) SIEM is the way to go. Hybrid cloud security is no joke, gotta stay on top of it.
upvoted 0 times
...
Gianna
26 days ago
D) SIEM is the obvious choice here. Hybrid cloud needs that unified security visibility.
upvoted 0 times
...
Elin
1 month ago
I feel like DLP focuses on preventing data loss, which doesn't really fit the requirement of correlating event data. SIEM seems more appropriate.
upvoted 0 times
...
Verda
1 month ago
I practiced a similar question, and I believe FIM is more about monitoring file changes rather than correlating event data. So, it might not be the best choice.
upvoted 0 times
...
Makeda
1 month ago
I'm not entirely sure, but I remember something about IDS being useful for detecting intrusions. Could it be relevant here?
upvoted 0 times
...
Leslee
2 months ago
I think the answer might be D) SIEM since it’s designed for centralizing and correlating event data from multiple sources.
upvoted 0 times
...
Kanisha
2 months ago
SIEM definitely sounds like the way to go here. It's designed to collect, analyze, and correlate security data from multiple systems, which is exactly what the question is asking for.
upvoted 0 times
...
Mary
2 months ago
I'm leaning towards SIEM as well. It seems like the best solution to centralize and correlate the event data from the different sources in a hybrid cloud setup.
upvoted 0 times
...
Janey
2 months ago
D) Security information and event management (SIEM) is the way to go. Gotta love that centralized event data correlation!
upvoted 0 times
...
Rene
2 months ago
Okay, let's think this through. We need a way to aggregate and analyze security data from various sources, right? That sounds like a job for a SIEM system to me.
upvoted 0 times
...
Gwenn
3 months ago
SIEM offers real-time analysis, very important for security.
upvoted 0 times
...
Weldon
3 months ago
Hmm, D) SIEM seems like the best fit. Gotta keep an eye on that hybrid cloud, you know?
upvoted 0 times
...
Jacinta
3 months ago
I'm a bit unsure about this one. The question mentions a hybrid cloud deployment, so I'm wondering if DLP or an IDS might be more relevant for that kind of environment.
upvoted 0 times
...
Carey
3 months ago
Hmm, this sounds like it's asking for a centralized security solution to monitor and correlate events across different sources. I'm thinking SIEM might be the best option here.
upvoted 0 times
Charlie
2 months ago
I agree, SIEM seems like the right choice for centralizing data.
upvoted 0 times
...
...