OA FINAL PAPER 2026 STUDY GUIDE DETAILED
ANSWERS READY
◉ A cloud administrator recommends using tokenization as an
alternative to protecting data without encryption. The administrator
needs to make an authorized application request to access the data.
Which step should occur immediately before this action is taken?
The application collects a token.
The application stores the token.
The tokenization server generates the token.
The tokenization server returns the token to the applicatio.
Answer: The application stores the token
◉ A company has recently defined classification levels for its data.
During which phase of the cloud data life cycle should this definition
occur?
Use
Share
Create
Archive.
Answer: Create
,◉ Which jurisdictional data protection includes dealing with the
international transfer of data?
Privacy regulation
Financial modernization
Sarbanes-Oxley act (SOX)
Secure choice authorization (SCA).
Answer: Privacy regulation
◉ Which jurisdictional data protection controls the ways that
financial institutions deal with the private information of
individuals?
Sarbanes-Oxley act (SOX)
Gramm-Leach-Bliley act (GLBA)
Stored communications act (SCA)
Health insurance portability and accountability act (HIPAA).
Answer: Gramm-Leach-Bliley act (GLBA)
◉ Which jurisdictional data protection safeguards protected health
information (PHI)?
Directive 95/46/EC
Safe harbor regime
Personal Data Protection Act of 2000
,Health Insurance Portability and Accountability Act (HIPAA).
Answer: Health Insurance Portability and Accountability Act
(HIPAA)
◉ How is the compliance of the cloud service provider's legal and
regulatory requirements verified when securing personally
identifiable information (PII) data in the cloud?
E-discovery process
Contractual agreements
Researching data retention laws
Third-party audits and attestations.
Answer: Third-party audits and attestations
◉ Which security strategy is associated with data rights
management solutions?
Static policy control
Continuous auditing
Unrestricted replication
Limited documents type support.
Answer: Continuous auditing
◉ Who retains final ownership for granting data access and
permissions in a shared responsibility model?
, Analyst
Manager
Customer
Developer.
Answer: Customer
◉ Which data retention solution should be applied to a file in order
to reduce the data footprint by deleting fixed content and duplicate
data?
Saving
Backup
Caching
Archiving.
Answer: Archiving
◉ Which data retention method is stored with a minimal amount of
metadata storage with the content?
File system
Redundant array
Block-based
Object-based.
Answer: Block-based