WGU C838 - Managing Cloud Security Exam
With 100% Correct Answers 2026/2027
International Traffic in Arms Regulation (ITAR) - Correct Answer-USA - state dept prohibitions on
defense related exports. This can include cryptographic systems.
Export Administration Regulations - Correct Answer-Department of Commerce
Control: dual-use goods/software/technology predominately civilian in nature but may include
military applications.
Also: Anti-boycott provisions
The Wassenaar Arrangement - Correct Answer-A group of 41 countries who have an agreement to
let the others know when military shipments are made to non-member countries.
Brewer-Nash model - Correct Answer-Regarding employees in a shared datacenter - the
employees' previous access to data determines their future access levels. This involves their
access to customer data. If they had access to customer A's data in the past, they should not get
access to Customer A's competitors after that. (Also known as the Chinese Wall model)
The Electronic Communication Privacy Act (ECPA) - Correct Answer-Enhance laws restricting the
government from putting wire taps on phone calls, updating them to include electronic
communication in the form of data.
The Stored Communications Act (SCA, Title II of the Electronic Communications Privacy Act) -
Correct Answer-Restrict government from forcing ISPs to disclose customer data the ISP might
possess.
, Graham- Leach-Bliley Act (GLBA) - Correct Answer-Allow banks to merge with and own insurance
companies. Included in the law were stipulations that customer account information be kept secure
and private, and that customers be allowed to opt out of any information-sharing arrangements the
bank or insurer might engage in.
Sarbanes-Oxley Act (SOX) - Correct Answer-Increase transparency into publicly traded
corporations' financial activities. Includes provisions for securing data and expressly names the
traits of confidentiality, integrity, and availability.
Health Insurance Portability and Accountability Act (HIPAA) - Correct Answer-Protect patient
records and data, known as electronic protected health information (ePHI).
Family Educational Rights and Privacy Act (FERPA) - Correct Answer-Prevent academic
institutions from sharing student data with anyone other than parents of students (up to age 18) or
the students (after age 18).
The Digital Millennium Copyright Act (DMCA) - Correct Answer-Update copyright provisions to
protect owned data in an Internet-enabled world. Makes cracking of access controls on
copyrighted media a crime, and enables copyright holders to require any site on the Internet to
remove content that may belong to the copyright holder.
Stored Communications Act (18 U.S.C. Chapter 121, 2701-2712) - Correct Answer-Addresses
both voluntary and compelled disclosure of stored wire and electronic communications and
transactional records held by third parties. It further provides for privacy protection regarding
certain electronic communications and computing services from unauthorized access or
interception by government entities. It was designed as an extension of the protections previously
offered by the Computer Fraud and Abuse Act (CFAA) of 1986, and as a means to enhance and
update earlier "wire tap" statutes.
Health Insurance Portability and Accountability Act (HIPAA) - Correct Answer-The primary purpose
of the law when it was enacted was to make it easier for people to keep health insurance policies,
protect the confidentiality and security of their healthcare information, and help the healthcare
industry control administrative costs.
Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 - Correct
Answer-Provided financial incentives for medical practices and hospitals to convert paper record-
keeping systems to digital
GLBA - Correct Answer-Requires financial institutions to have a written Information Security Plan.
Later FDIC revisions require an Information Security Officer be named and given adequate
resources to implement the ISP.
Who enforces SOX? - Correct Answer-The SEC
Jurisdiction - Correct Answer-The land and people belonging to a country in which laws are being
enforced.
With 100% Correct Answers 2026/2027
International Traffic in Arms Regulation (ITAR) - Correct Answer-USA - state dept prohibitions on
defense related exports. This can include cryptographic systems.
Export Administration Regulations - Correct Answer-Department of Commerce
Control: dual-use goods/software/technology predominately civilian in nature but may include
military applications.
Also: Anti-boycott provisions
The Wassenaar Arrangement - Correct Answer-A group of 41 countries who have an agreement to
let the others know when military shipments are made to non-member countries.
Brewer-Nash model - Correct Answer-Regarding employees in a shared datacenter - the
employees' previous access to data determines their future access levels. This involves their
access to customer data. If they had access to customer A's data in the past, they should not get
access to Customer A's competitors after that. (Also known as the Chinese Wall model)
The Electronic Communication Privacy Act (ECPA) - Correct Answer-Enhance laws restricting the
government from putting wire taps on phone calls, updating them to include electronic
communication in the form of data.
The Stored Communications Act (SCA, Title II of the Electronic Communications Privacy Act) -
Correct Answer-Restrict government from forcing ISPs to disclose customer data the ISP might
possess.
, Graham- Leach-Bliley Act (GLBA) - Correct Answer-Allow banks to merge with and own insurance
companies. Included in the law were stipulations that customer account information be kept secure
and private, and that customers be allowed to opt out of any information-sharing arrangements the
bank or insurer might engage in.
Sarbanes-Oxley Act (SOX) - Correct Answer-Increase transparency into publicly traded
corporations' financial activities. Includes provisions for securing data and expressly names the
traits of confidentiality, integrity, and availability.
Health Insurance Portability and Accountability Act (HIPAA) - Correct Answer-Protect patient
records and data, known as electronic protected health information (ePHI).
Family Educational Rights and Privacy Act (FERPA) - Correct Answer-Prevent academic
institutions from sharing student data with anyone other than parents of students (up to age 18) or
the students (after age 18).
The Digital Millennium Copyright Act (DMCA) - Correct Answer-Update copyright provisions to
protect owned data in an Internet-enabled world. Makes cracking of access controls on
copyrighted media a crime, and enables copyright holders to require any site on the Internet to
remove content that may belong to the copyright holder.
Stored Communications Act (18 U.S.C. Chapter 121, 2701-2712) - Correct Answer-Addresses
both voluntary and compelled disclosure of stored wire and electronic communications and
transactional records held by third parties. It further provides for privacy protection regarding
certain electronic communications and computing services from unauthorized access or
interception by government entities. It was designed as an extension of the protections previously
offered by the Computer Fraud and Abuse Act (CFAA) of 1986, and as a means to enhance and
update earlier "wire tap" statutes.
Health Insurance Portability and Accountability Act (HIPAA) - Correct Answer-The primary purpose
of the law when it was enacted was to make it easier for people to keep health insurance policies,
protect the confidentiality and security of their healthcare information, and help the healthcare
industry control administrative costs.
Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 - Correct
Answer-Provided financial incentives for medical practices and hospitals to convert paper record-
keeping systems to digital
GLBA - Correct Answer-Requires financial institutions to have a written Information Security Plan.
Later FDIC revisions require an Information Security Officer be named and given adequate
resources to implement the ISP.
Who enforces SOX? - Correct Answer-The SEC
Jurisdiction - Correct Answer-The land and people belonging to a country in which laws are being
enforced.
