OA EXAM STUDY GUIDE 2026/2027: COMPLETE QUESTIONS WITH VERIFIED CORRECT ANSWERS
1. International Standards Organization (ISO) - ANSWER ✔ is an international
standards body composed of representatives from various standards
organizations.
2. ISO/IEC 27001 - ANSWER ✔ Standard on managing Information Security.
It includes requirements for establishing, implementing, maintaining, and
continually improving information management.
3. ISO/IEC 27002 - ANSWER ✔ provides best practices on information
security controls for those attempting to be ISO/IEC 27001.
4. ISO/IEC 27017 - ANSWER ✔ created to supplement ISO/IEC 27002 to
provide additional security controls for the cloud.
5. ISO/IEC 27018:2014, ISO/IEC 27018:2019 - ANSWER ✔ IT Security
techniques. Code of practice for protection of PII in public clouds.
6. ISO/IEC 27034-1 - ANSWER ✔ mandates a framework for application
security within an organization.
7. ISO/IEC 28000:2007 - ANSWER ✔ standard for ensuring security
assurance in the supply chain.
8. ISO/IEC 31000:2009 - ANSWER ✔ standard providing industry-independent
principles and guidelines on risk management.
9. NIST - ANSWER ✔ National Institute of Standards and Technology is an
agency of the Department of Commerce whose mission is to promote
innovation and industrial competitiveness. It also creates numerous standards
and requirements for the DoD, Federal Government, and government
contractors relating to cybersecurity.
10. NIST SP 800-37 - ANSWER ✔ Risk Management Framework using a life
cycle approach for security and privacy.
11. NIST SP 800-53 - ANSWER ✔ provides security and privacy controls for
information systems and organizations.
12. NIST SP 800-92 - ANSWER ✔ Guide to Computer Security Log
Management
13. ISO 27034 - ANSWER ✔ There is only one ONF for an organization but
potentially as many ANFs as applications.
- Application Normative Framework (ANF)
- Organizational Normative Framework (ONF)
14. ASHRAE - American Society of Heating, Refrigerating and
Air-Conditioning Engineers - ANSWER ✔ is an American professional
association seeking to advance heating, ventilation, air conditioning and
refrigeration systems design and construction.
15. Cloud bursting - ANSWER ✔ allows organizations to use a hosted cloud
service to augment internal, private data center capabilities with managed
services during times of increased demand; an org can rent the additional
capacity as needed from an external cloud provider (crisis situation, heavy
holiday shopping periods); rapid scalability allows the customer to dictate
the volume of resource
16. Simplicity - ANSWER ✔ allows a user to seamlessly use the service without
frequently interacting with the cloud service provider
17. Scalability - ANSWER ✔ increasing/reducing services can be easily,
quickly, and cost-effectively accomplished
18. Unstructured Data Types - ANSWER ✔ qualitative data; natural-language
text; incorporate media (audio, video, images); contains JSON, XML, binary
objects (images encoded as text strings); important for data analytic
strategies; noSQL
19. Structured Data Types - ANSWER ✔ quantitative data; organized and
decipherable by machine learning algorithms; SQL (relational) can be used to
quickly input, search, and manipulate data; used by machine learning
algorithms
20. TCI (Trusted Cloud Initiative) - ANSWER ✔ Reference Model: guide for
cloud providers, allowing them to create a holistic architecture that
customers can purchase (including physical/logical layout of network and
processes necessary to utilize both)
21. Identifies Legal, Compliance, and Ethical Concerns
Which of the following describes the legal requirement for organizations to
implement adequate safeguards to protect personal data? - ANSWER ✔
A. Data Minimization
B. Data Integrity
C. Data Protection by Design
D. Data Breach Notification
Correct Answer: C. Data Protection by Design
Explanation: Data Protection by Design requires organizations to implement
appropriate safeguards throughout the data lifecycle. Data Minimization
limits data collection, Data Integrity ensures accuracy, and Data Breach
Notification involves informing individuals when their data is compromised.
22. Implements Secure Solutions
Which of the following is a primary method for securing data in a
multi-tenant cloud environment? - ANSWER ✔
A. Using shared virtual machines
B. Implementing strong access control policies
C. Encrypting data in transit
D. Isolating tenants using VLANs
Correct Answer: D. Isolating tenants using VLANs