Mandatory Access Control (MAC)is the access control model used in environments that manage classified information such as government or military systems. Under MAC, access is based onsecurity labels(e.g., Top Secret, Confidential), and userscannot changeaccess controls.
NIST SP 800-53 Rev. 5 - AC-3 (Access Enforcement):
"MAC policies enforce access based on system-enforced labels, without user discretion, and are ideal for high- security environments where strict data control is essential." MAC is theonly modelwhere access control decisions arecentrally controlled and enforced by a policy administrator, making it ideal for environments requiringdata labeling and user classification.
#WGU Course Alignment:
Domain:Access Control and Identity Management
Topic:Understand and apply MAC for high-security environments

An information system is a coordinated set of components designed to collect, store, and process data, and to deliver information, knowledge, and digital products. Organizations use information systems to support operations, management, and decision-making. This includes both the technical components (hardware, software, databases, and networks) and the human components (people and processes).

The correct answer is C - Replacing the legacy firewalls with next-generation firewalls (NGFWs).
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) outlines that NGFWs integrate advanced features like intrusion detection and prevention, application control, and real-time threat intelligence. They are designed to detect and alert on inbound threats as required by the mandate.
SIEM appliances (A) collect logs and correlate events but do not replace firewall functionality. Load balancers (B) manage traffic distribution, not threat detection. Reverse proxies (D) secure and balance traffic for web servers, not general firewall traffic.
Reference Extract from Study Guide:
"Next-generation firewalls (NGFWs) provide integrated intrusion detection and prevention capabilities, fulfilling modern security requirements for real-time threat monitoring and alerting."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Firewall Technologies and Modern Security Controls

The correct answer is C - Assess.
As per WGU Cybersecurity Architecture and Engineering (KFO1 / D488) materials, after risks have been identified, the next step in the risk management life cycle is to assess them. Assessment involves analyzing and prioritizing the risks based on their potential impact and likelihood. Only after assessment can proper strategies be formulated for controlling and mitigating the risks.
Identification (A) occurs before assessment, while reviewing (B) and controlling (D) happen later in the process.
Reference Extract from Study Guide:
"Following the identification of risks, the risk management process proceeds to risk assessment, where risks are analyzed and prioritized based on likelihood and impact to guide mitigation efforts."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Management Process

The correct answer is A - Implementing secure encrypted enclaves and Advanced Micro Devices (AMD) Secure Memory Encryption.
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that encryption at the memory level (such as AMD SME) and secure enclaves protect data in volatile memory, safeguarding it even if physical attacks occur.
Security training (B), antivirus (C), and password policies (D) improve security generally but do not specifically address data in volatile memory.
Reference Extract from Study Guide:
"Encrypted enclaves and secure memory encryption protect sensitive data in volatile storage, maintaining confidentiality and integrity even during advanced attacks."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Server and Memory Security Controls