The correct answer is C - Data loss prevention (DLP).
According to WGU Cybersecurity Architecture and Engineering (KFO1 / D488), DLP technologies monitor and control the transfer of sensitive information outside of the corporate network, preventing unauthorized data exfiltration whether by internal misuse or external threats.
MFA (A) strengthens authentication but does not monitor data transfer. IDS (B) detects intrusions but does not prevent data loss. IPS (D) blocks network attacks but is not specifically designed for preventing exfiltration of sensitive data.
Reference Extract from Study Guide:
"Data loss prevention (DLP) solutions protect sensitive data by monitoring, detecting, and blocking potential data exfiltration attempts."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Data Protection Technologies

The correct answer is D - Measured boot.
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that Measured Boot, often implemented with Trusted Platform Modules (TPMs), ensures that each component of theboot process is verified for integrity. It provides cryptographic evidence that the system's startup sequence has not been tampered with.
Two-factor authentication (A) secures user logins but does not verify boot integrity. IDS (B) monitors network or host behavior but does not protect the boot process. HSM (C) secures cryptographic operations, not the system boot.
Reference Extract from Study Guide:
"Measured Boot verifies the integrity of the boot process, providing assurance that the system has not been compromised during startup."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), System Hardening and Trusted Computing

Wireless Intrusion Prevention Systems (WIPS)are specifically designed to monitor wireless networks and prevent rogue access points, MITM attacks, and wireless eavesdropping. Unlike Layer 3 switches or SIEM tools, WIPS directly addresses wireless threat vectors.
NIST SP 800-153 (Guidelines for Securing Wireless Local Area Networks):
"WIPS technologies help detect and prevent unauthorized wireless access points and attacks such as evil twin and man-in-the-middle attempts."
#WGU Course Alignment:
Domain:Network Security
Topic:Implement wireless network protections (e.g., WIPS)

Virtual Network Peeringallows two or more virtual networks to communicate through private IP addresses, enabling seamless traffic flow across resources in different networks withminimal configuration overhead.
Microsoft Azure Documentation (Network Peering):
"Virtual network peering seamlessly connects Azure virtual networks. The networks appear as one for connectivity purposes, and traffic is routed through Microsoft's backbone infrastructure." Unlike VPNs or complex routing configurations,peeringis simple,requires no downtime, and doesn't need encryption if networks are internal.
#WGU Course Alignment:
Domain:Information Systems and Architecture
Topic:Cloud architecture, network segmentation, and inter-VNET connectivity