An unknown IP address successfully logging in viaSSHindicates that authentication was achieved - likely due toweak or reused passwords. This is not enumeration or vulnerability exploitation, but acredential-based compromise.
NIST SP 800-118 (Guide to Enterprise Password Management):
"Weak, default, or reused passwords are among the most exploited vulnerabilities in enterprise networks, particularly on remote access services such as SSH." This is one of the most common findings inSIEM alertswhen password policies and access control mechanisms are improperly enforced.
#WGU Course Alignment:
Domain:System Security Engineering
Topic:Implement strong authentication practices and monitor remote access

Geo-IP filtering at the firewallis a well-established method of blocking traffic from regions that the organization does not do business with or has no legitimate presence in.
NIST SP 800-41 Rev. 1 (Guidelines on Firewalls):
"Firewalls can be configured to block traffic based on geolocation or IP ranges to reduce exposure to known hostile regions." Firewalls are thefirst line of defensein the network perimeter; adjusting SIEM rules doesn't actively block access.
#WGU Course Alignment:
Domain:Network Security
Topic:Implement firewall filtering rules for geographic and IP-based restrictions

End-of-life (EOL) systemspose a significant security risk because they no longer receive patches or security updates. Themost effective and proactive hardening techniquein this case is tocompletely remove those systems from the network.
NIST SP 800-128 (Guide for Security-Focused Configuration Management):
"Systems no longer supported by vendors must be removed, replaced, or isolated as they pose unacceptable risks." Other controls are useful for broader protection, but if a system is inherently vulnerable and cannot be patched, removal is the only surefire solution.
#WGU Course Alignment:
Domain:System Security Engineering
Topic:Implement system hardening strategies and manage legacy systems

The correct answer is D - Private information retrieval (PIR).
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) explains that PIR allows users to query a database in such a way that the server cannot determine what information the user is retrieving. It protects user privacy while enabling database interaction.
SFE (A) involves computing a function without revealing inputs. PFE (B) is similar to SFE but focuses on functions. Homomorphic encryption (C) allows computation but not necessarily private querying.
Reference Extract from Study Guide:
"Private Information Retrieval (PIR) enables users to access database information without revealing the nature of the query to the server, preserving user privacy."

* SQLis a standard language used to communicate with and manage databases. It allows applications to perform operations such as querying, updating, and managing data.
* JDBCis an API in Java that enables Java applications to interact with databases. It provides methods for querying and updating data in a database using SQL.
* DBMS (Database Management System)is the system software for creating and managing databases but not directly used by applications for database access.
* ODBC (Open Database Connectivity)is another standard API but specific to applications in a broader range of languages and platforms.
* GUI (Graphical User Interface)is a user interface and not a method for applications to access databases.
References:
* "SQL: The Complete Reference" by James R. Groff and Paul N. Weinberg.
* "Java Database Connectivity: JDBC and Java" by Daniel K. Akers.