WGU E025 Cloud and Network Security
Models Objective Assessment |OA
Questions and Answers – 2026 Update |
100% Correct.
There is a threat to a banking cloud platform service. The developer needs to provide inclusion in
a relational database that is seamless and readily searchable by search engine algorithms.
Which platform as a service (PaaS) data type should be used?
A Short-term storage
B Structured
C Unstructured
D Long-term storage B
Which platform as a service (PaaS) storage architecture should be used if an organization wants
to store presentations, documents, and audio files?
A Relational database
B Block
C Distributed
D Object D
Which technique scrambles the content of data using a mathematical algorithm while keeping the
structural arrangement of the data?
A Dynamic masking
B Format-preserving encryption
C Proxy-based encryption
D Tokenization B
Which encryption technique connects the instance to the encryption instance that handles all
crypto operations?
A Database
B Proxy
C Externally managed
D Server-side B
Which type of control should be used to implement custom controls that safeguard data?
A Public and internal sharing
,B Options for access
C Management plane
D Application level D
Which element is protected by an encryption system?
A Ciphertext
B Management engine
C Data
D Public key C
A cloud administrator recommends using tokenization as an alternative to protecting data
without encryption. The administrator needs to make an authorized application request to access
the data.
Which step should occur immediately before this action is taken?
A The tokenization server returns the token to the application.
B The tokenization server generates the token.
C The application collects a token.
D The application stores the token. D
A company has recently defined classification levels for its data.
During which phase of the cloud data life cycle should this definition occur?
A Use
B Create
C Share
D Archive B
Which jurisdictional data protection includes dealing with the international transfer of data?
A Financial modernization
B Secure choice authorization (SCA)
C Sarbanes-Oxley act (SOX)
D Privacy regulation D
Which jurisdictional data protection controls the ways that financial institutions deal with the
private information of individuals?
A Stored communications act (SCA)
B Health insurance portability and accountability act (HIPAA)
C Gramm-Leach-Bliley act (GLBA)
D Sarbanes-Oxley act (SOX) C
,Which jurisdictional data protection safeguards protected health information (PHI)?
A Directive 95/46/EC
B Safe harbor regime
C Personal Data Protection Act of 2000
D Health Insurance Portability and Accountability Act (HIPAA) D
How is the compliance of the cloud service provider's legal and regulatory requirements verified
when securing personally identifiable information (PII) data in the cloud?
A Contractual agreements
B Third-party audits and attestations
C e-Discovery process
D Researching data retention laws B
Which security strategy is associated with data rights management solutions?
A Unrestricted replication
B Limited documents type support
C Static policy control
D Continuous auditing D
Who retains final ownership for granting data access and permissions in a shared responsibility
model?
A Customer
B Developer
C Manager
D Analyst A
Which data retention solution should be applied to a file in order to reduce the data footprint by
deleting fixed content and duplicate data?
A Backup
B Caching
C Archiving
D Saving C
Which data retention method is stored with a minimal amount of metadata storage with the
content?
A File system
B Redundant array
C Object-based
D Block-based D
, What is a key capability of security information and event management?
A Intrusion prevention capabilities
B Automatic remediation of issues
C Centralized collection of log data
D Secure remote access C
Which data source provides auditability and traceability for event investigation as well as
documentation?
A Storage files
B Packet capture
C Network interference
D Database tables B
Which data source provides auditability and traceability for event investigation as well as
documentation?
A Network segmentation
B Ephemeral storage
C Database schema
D Virtualization platform logs D
Which technology is used to manage identity access management by building trust relationships
between organizations?
A Single sign-on
B Multifactor authentication
C Federation
D Biometric authentication C
Which term describes the action of confirming identity access to an information system?
A Coordination
B Concept
C Access
D Authentication D
Which cloud computing tool is used to discover internal use of cloud services using various
mechanisms such as network monitoring?
A Data loss prevention (DLP)
B Content delivery network (CDN)
C Cloud access security broker (CASB)
D Web application firewall (WAF) C
Models Objective Assessment |OA
Questions and Answers – 2026 Update |
100% Correct.
There is a threat to a banking cloud platform service. The developer needs to provide inclusion in
a relational database that is seamless and readily searchable by search engine algorithms.
Which platform as a service (PaaS) data type should be used?
A Short-term storage
B Structured
C Unstructured
D Long-term storage B
Which platform as a service (PaaS) storage architecture should be used if an organization wants
to store presentations, documents, and audio files?
A Relational database
B Block
C Distributed
D Object D
Which technique scrambles the content of data using a mathematical algorithm while keeping the
structural arrangement of the data?
A Dynamic masking
B Format-preserving encryption
C Proxy-based encryption
D Tokenization B
Which encryption technique connects the instance to the encryption instance that handles all
crypto operations?
A Database
B Proxy
C Externally managed
D Server-side B
Which type of control should be used to implement custom controls that safeguard data?
A Public and internal sharing
,B Options for access
C Management plane
D Application level D
Which element is protected by an encryption system?
A Ciphertext
B Management engine
C Data
D Public key C
A cloud administrator recommends using tokenization as an alternative to protecting data
without encryption. The administrator needs to make an authorized application request to access
the data.
Which step should occur immediately before this action is taken?
A The tokenization server returns the token to the application.
B The tokenization server generates the token.
C The application collects a token.
D The application stores the token. D
A company has recently defined classification levels for its data.
During which phase of the cloud data life cycle should this definition occur?
A Use
B Create
C Share
D Archive B
Which jurisdictional data protection includes dealing with the international transfer of data?
A Financial modernization
B Secure choice authorization (SCA)
C Sarbanes-Oxley act (SOX)
D Privacy regulation D
Which jurisdictional data protection controls the ways that financial institutions deal with the
private information of individuals?
A Stored communications act (SCA)
B Health insurance portability and accountability act (HIPAA)
C Gramm-Leach-Bliley act (GLBA)
D Sarbanes-Oxley act (SOX) C
,Which jurisdictional data protection safeguards protected health information (PHI)?
A Directive 95/46/EC
B Safe harbor regime
C Personal Data Protection Act of 2000
D Health Insurance Portability and Accountability Act (HIPAA) D
How is the compliance of the cloud service provider's legal and regulatory requirements verified
when securing personally identifiable information (PII) data in the cloud?
A Contractual agreements
B Third-party audits and attestations
C e-Discovery process
D Researching data retention laws B
Which security strategy is associated with data rights management solutions?
A Unrestricted replication
B Limited documents type support
C Static policy control
D Continuous auditing D
Who retains final ownership for granting data access and permissions in a shared responsibility
model?
A Customer
B Developer
C Manager
D Analyst A
Which data retention solution should be applied to a file in order to reduce the data footprint by
deleting fixed content and duplicate data?
A Backup
B Caching
C Archiving
D Saving C
Which data retention method is stored with a minimal amount of metadata storage with the
content?
A File system
B Redundant array
C Object-based
D Block-based D
, What is a key capability of security information and event management?
A Intrusion prevention capabilities
B Automatic remediation of issues
C Centralized collection of log data
D Secure remote access C
Which data source provides auditability and traceability for event investigation as well as
documentation?
A Storage files
B Packet capture
C Network interference
D Database tables B
Which data source provides auditability and traceability for event investigation as well as
documentation?
A Network segmentation
B Ephemeral storage
C Database schema
D Virtualization platform logs D
Which technology is used to manage identity access management by building trust relationships
between organizations?
A Single sign-on
B Multifactor authentication
C Federation
D Biometric authentication C
Which term describes the action of confirming identity access to an information system?
A Coordination
B Concept
C Access
D Authentication D
Which cloud computing tool is used to discover internal use of cloud services using various
mechanisms such as network monitoring?
A Data loss prevention (DLP)
B Content delivery network (CDN)
C Cloud access security broker (CASB)
D Web application firewall (WAF) C
