The correct answer is B - Implementing security patches and updates on a regular basis and using hybrid cloud topology.
WGU Cybersecurity Architecture and Engineering (KFO1 / D488) emphasizes that timely application of security patches is critical to addressing vulnerabilities like outdated software. A hybrid cloud topology offers the flexibility and scalability needed by financial institutions while keeping sensitive data protected in more controlled environments.
Strong password policies (A) help, but public cloud alone may not be best for sensitive banking systems.
Antivirus (C) addresses only part of the threat. Private cloud (D) improves security but may not offer the scalability benefits of a hybrid approach.
Reference Extract from Study Guide:
"Timely application of security patches mitigates vulnerabilities, and hybrid cloud models balance the need for scalability and sensitive data protection in financial institutions."
- WGU Cybersecurity Architecture and Engineering (KFO1 / D488), Risk Mitigation Strategies and Cloud Topologies

Multi-Factor Authentication (MFA)mitigates identity theft by requiring two or more factors (something you know, have, or are) for access. This significantly raises the difficulty of account compromise, especially in environments with sensitive supply chain data.
NIST SP 800-63B (Digital Identity Guidelines):
"MFA significantly reduces the likelihood of credential compromise and is strongly recommended for all user accounts accessing critical systems." While patching and firewalls are important, MFAdirectly addresses identity theftprevention.
#WGU Course Alignment:
Domain:Access Control and Identity Management
Topic:Implement MFA for secure user authentication

Obfuscating error messagesprevents attackers from receiving technical details (e.g., software version, file paths, or database errors) that they can use for exploitation. This is part ofsecure codinganderror handlingpractices.
OWASP Secure Coding Practices - Error Handling and Logging:
"Applications should not disclose detailed error messages to users. Instead, provide generic messages to prevent leakage of system or application details." HTTPS secures transport, but doesn't addressinformation disclosurevia error output.
#WGU Course Alignment:
Domain:Information Systems and Architecture
Topic:Implement secure design practices (e.g., error handling, obfuscation)

* The employee needs to execute a program from the command line, which requires inputting commands into the computer.
* The primary device for inputting commands is the keyboard.
* Other options like the hard drive, speaker, and printer are not used for inputting commands.
* The hard drive is used for data storage.
* The speaker outputs sound.
* The printer outputs documents.
* Therefore, the correct peripheral device for this task is the keyboard.
References:
* "Computer Fundamentals" by Anita Goel, which discusses input devices and their uses.
* "The Principles of Information Systems" by Ralph Stair and George Reynolds, which details peripheral devices and their functions.

* Copyrightsare a common legal method used to protect software.
* A copyright gives the creator of the software exclusive rights to use and distribute the software.
* It protects against unauthorized copying, modification, and distribution of the software.
* Software creators can enforce their copyrights to prevent others from infringing on their intellectual property.
* Example:Copyright law is often invoked in cases of software piracy.
References:
* "Copyright Law for the Internet and Information Technology" by Geraldine Collins.
* "Understanding Copyright Law" by Marshall A. Leaffer.