WGU E025 Cloud and Network Security Models
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
SO 27001
Information security management system (ISMS) that guides security policies, risk
management, and trust.
ISO/IEC 27018
Protection of personally identifiable information (PII) in the cloud that shapes
privacy policies, data residency, and control over PII.
NIST SP 800-53
Comprehensive security and privacy controls for federal systems that informs
control selection for robust cloud security, especially for government data.
GDPR
EU data protection and privacy for EU residents that mandates data subject
rights, consent, and cross-border data transfer rules.
CSA (Cloud Security Alliance)
Defines cloud security best practices and provides guidance for risk management
and security architecture.
, WGU E025 Cloud and Network Security Models
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
CSA STAR
Public registry of cloud provider security controls that aids vendor selection and
transparency in security.
CSA CCM
Cybersecurity control framework specifically for cloud computing that is
foundational for establishing cloud-specific security controls and policies.
LGPD
Brazil's general data protection law that requires governance for personal data of
Brazilian residents, consent, and Data Protection Impact Assessment (DPIA).
CCPA/CPRA
California consumer privacy rights that mandate consumer rights and data
minimization for California residents' data.
SOC 2
Assesses service provider system security, availability, etc., providing assurance
for vendor selection and risk management.
, WGU E025 Cloud and Network Security Models
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
HIPAA
U.S. legislation for safeguarding protected health information (PHI) that dictates
specific governance for PHI; backend as a service (BAAs) access controls.
PCI DSS
Security standards for protecting cardholder data that governs security controls
for credit card data (network segmentation, encryption).
FISMA
U.S. framework for securing federal information systems that mandates specific
security controls for cloud services used by federal agencies.
CMMC
U.S. Department of Defense framework for protecting federal contract
information (FCI) and controlled unclassified information (CUI) that requires
defense contractors to meet cybersecurity maturity levels for cloud data.
CloudWatch
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
SO 27001
Information security management system (ISMS) that guides security policies, risk
management, and trust.
ISO/IEC 27018
Protection of personally identifiable information (PII) in the cloud that shapes
privacy policies, data residency, and control over PII.
NIST SP 800-53
Comprehensive security and privacy controls for federal systems that informs
control selection for robust cloud security, especially for government data.
GDPR
EU data protection and privacy for EU residents that mandates data subject
rights, consent, and cross-border data transfer rules.
CSA (Cloud Security Alliance)
Defines cloud security best practices and provides guidance for risk management
and security architecture.
, WGU E025 Cloud and Network Security Models
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
CSA STAR
Public registry of cloud provider security controls that aids vendor selection and
transparency in security.
CSA CCM
Cybersecurity control framework specifically for cloud computing that is
foundational for establishing cloud-specific security controls and policies.
LGPD
Brazil's general data protection law that requires governance for personal data of
Brazilian residents, consent, and Data Protection Impact Assessment (DPIA).
CCPA/CPRA
California consumer privacy rights that mandate consumer rights and data
minimization for California residents' data.
SOC 2
Assesses service provider system security, availability, etc., providing assurance
for vendor selection and risk management.
, WGU E025 Cloud and Network Security Models
Objective Assessment |OA Questions and Answers
– 2026 Update | 100% Correct.
HIPAA
U.S. legislation for safeguarding protected health information (PHI) that dictates
specific governance for PHI; backend as a service (BAAs) access controls.
PCI DSS
Security standards for protecting cardholder data that governs security controls
for credit card data (network segmentation, encryption).
FISMA
U.S. framework for securing federal information systems that mandates specific
security controls for cloud services used by federal agencies.
CMMC
U.S. Department of Defense framework for protecting federal contract
information (FCI) and controlled unclassified information (CUI) that requires
defense contractors to meet cybersecurity maturity levels for cloud data.
CloudWatch
