WGU-C838-PRE-ASSESSMENT
"Which phase of the cloud data lifecycle allows both read and process functions to be
performed?
(A) Share
(B) Store
(C) Create
(D) Archive" - ✔Create
"Which phase of the cloud data security lifecycle typically occurs simultaneously with
creation?
(A) Use
(B) Share
(C) Store
(D) Destroy" - ✔Store
"Which phase of the cloud data life cycle uses content delivery networks?
(A) Share
(B) Create
(C) Destroy
(D) Archive" - ✔Share
"Which phase of the cloud data life cycle is associated with crypto-shredding?
(A) Use
(B) Store
(C) Share
(D) Destroy" - ✔Destroy
"Which cloud data storage architecture allows sensitive data to be replaced with unique
identification symbols that retain all the essential information about the data without
compromising its security?
(A) Obfuscation
(B) Tokenization
(C) Anonymization
(D) Randomization" - ✔Tokenization
"Which methodology could cloud data storage utilize to encrypt all data associated in an
infrastructure as a service (IaaS) deployment model?
(A) Sandbox encryption
(B) Client-side encryption
(C) Polymorphic encryption
(D) Whole-instance encryption" - ✔Whole-instance encryption
"There is a threat to a banking cloud platform service. The developer needs to provide
inclusion in a relational database that is seamless and readily searchable by search
engine algorithms. Which platform as a service (PaaS) data type should be used?
(A) Structured
(B) Unstructured
,WGU-C838-PRE-ASSESSMENT
(C) Long-term storage
(D) Short-term storage" - ✔Structured
"Which platform as a service (PaaS) storage architecture should be used if an
organization wants to store presentations, documents, and audio files?
(A) Block
(B) Object
(C) Distributed
(D) Relational database" - ✔Object
"Which technique scrambles the content of data using a mathematical algorithm while
keeping the structural arrangement of the data?
(A) Tokenization
(B) Dynamic masking
(C) Proxy-based encryption
(D) Format-preserving encryption" - ✔Format-preserving encryption
"Which encryption technique connects the instance to the encryption instance that
handles all crypto operations?
(A) Proxy
(B) Database
(C) Server-side
(D) Externally managed" - ✔Proxy
"Which type of control should be used to implement custom controls that safeguard
data?
(A) Application level
(B) Management plane
(C) Options for access
(D) Public and internal sharing" - ✔Application level
"Which element is protected by an encryption system?
(A) Data
(B) Public key
(C) Ciphertext
(D) Management engine" - ✔Data
"A cloud administrator recommends using tokenization as an alternative to protecting
data without encryption. The administrator needs to make an authorized application
request to access the data.
Which step should occur immediately before this action is taken?
(A) The application collects a token.
(B) The application stores the token.
(C) The tokenization server generates the token.
(D) The tokenization server returns the token to the application." - ✔(B) The application
stores the token
, WGU-C838-PRE-ASSESSMENT
"A company has recently defined classification levels for its data. During which phase of
the cloud data life cycle should this definition occur?
(A) Use
(B) Share
(C) Create
(D) Archive" - ✔Create
"Which jurisdictional data protection includes dealing with the international transfer of
data?
(A) Privacy regulation
(B) Financial modernization
(C) Sarbanes-Oxley act (SOX)
(D) Secure choice authorization (SCA)" - ✔Privacy Regulation
"Which jurisdictional data protection controls the ways that Financial institutions deal
with the private information of individuals?
(A) Sarbanes-Oxley act (SOX)
(B) Gramm-Leach-Bliley act (GLBA)
(C) Stored communications act (SCA)
(D) Health insurance portability and accountability act (HIPAA)" - ✔Gramm-Leach-Bliley
act (GLBA)
"Which jurisdictional data protection safeguards protected health information (PHI)?
(A) Directive 95/46/EC
(B) Safe harbor regime
(C) Personal Data Protection Act of 2000
(D) Health Insurance Portability and Accountability Act (HIPAA)" - ✔Health Insurance
Portability and Accountability Act (HIPAA)
"How is the compliance of the cloud service provider's legal and regulatory
requirements verified when securing personally identifiable information (PII) data in the
cloud?
(A) E-discovery process
(B) Contractual agreements
(C) Researching data retention laws
(D) Third-party audits and attestations" - ✔Third-party audits and attestations
"Which security strategy is associated with data rights management solutions?
(A) Static policy control
(B) Continuous auditing
(C) Unrestricted replication
(D) Limited documents type support" - ✔Continuous auditing
"Who retains Final ownership for granting data access and permissions in a shared
responsibility model?
"Which phase of the cloud data lifecycle allows both read and process functions to be
performed?
(A) Share
(B) Store
(C) Create
(D) Archive" - ✔Create
"Which phase of the cloud data security lifecycle typically occurs simultaneously with
creation?
(A) Use
(B) Share
(C) Store
(D) Destroy" - ✔Store
"Which phase of the cloud data life cycle uses content delivery networks?
(A) Share
(B) Create
(C) Destroy
(D) Archive" - ✔Share
"Which phase of the cloud data life cycle is associated with crypto-shredding?
(A) Use
(B) Store
(C) Share
(D) Destroy" - ✔Destroy
"Which cloud data storage architecture allows sensitive data to be replaced with unique
identification symbols that retain all the essential information about the data without
compromising its security?
(A) Obfuscation
(B) Tokenization
(C) Anonymization
(D) Randomization" - ✔Tokenization
"Which methodology could cloud data storage utilize to encrypt all data associated in an
infrastructure as a service (IaaS) deployment model?
(A) Sandbox encryption
(B) Client-side encryption
(C) Polymorphic encryption
(D) Whole-instance encryption" - ✔Whole-instance encryption
"There is a threat to a banking cloud platform service. The developer needs to provide
inclusion in a relational database that is seamless and readily searchable by search
engine algorithms. Which platform as a service (PaaS) data type should be used?
(A) Structured
(B) Unstructured
,WGU-C838-PRE-ASSESSMENT
(C) Long-term storage
(D) Short-term storage" - ✔Structured
"Which platform as a service (PaaS) storage architecture should be used if an
organization wants to store presentations, documents, and audio files?
(A) Block
(B) Object
(C) Distributed
(D) Relational database" - ✔Object
"Which technique scrambles the content of data using a mathematical algorithm while
keeping the structural arrangement of the data?
(A) Tokenization
(B) Dynamic masking
(C) Proxy-based encryption
(D) Format-preserving encryption" - ✔Format-preserving encryption
"Which encryption technique connects the instance to the encryption instance that
handles all crypto operations?
(A) Proxy
(B) Database
(C) Server-side
(D) Externally managed" - ✔Proxy
"Which type of control should be used to implement custom controls that safeguard
data?
(A) Application level
(B) Management plane
(C) Options for access
(D) Public and internal sharing" - ✔Application level
"Which element is protected by an encryption system?
(A) Data
(B) Public key
(C) Ciphertext
(D) Management engine" - ✔Data
"A cloud administrator recommends using tokenization as an alternative to protecting
data without encryption. The administrator needs to make an authorized application
request to access the data.
Which step should occur immediately before this action is taken?
(A) The application collects a token.
(B) The application stores the token.
(C) The tokenization server generates the token.
(D) The tokenization server returns the token to the application." - ✔(B) The application
stores the token
, WGU-C838-PRE-ASSESSMENT
"A company has recently defined classification levels for its data. During which phase of
the cloud data life cycle should this definition occur?
(A) Use
(B) Share
(C) Create
(D) Archive" - ✔Create
"Which jurisdictional data protection includes dealing with the international transfer of
data?
(A) Privacy regulation
(B) Financial modernization
(C) Sarbanes-Oxley act (SOX)
(D) Secure choice authorization (SCA)" - ✔Privacy Regulation
"Which jurisdictional data protection controls the ways that Financial institutions deal
with the private information of individuals?
(A) Sarbanes-Oxley act (SOX)
(B) Gramm-Leach-Bliley act (GLBA)
(C) Stored communications act (SCA)
(D) Health insurance portability and accountability act (HIPAA)" - ✔Gramm-Leach-Bliley
act (GLBA)
"Which jurisdictional data protection safeguards protected health information (PHI)?
(A) Directive 95/46/EC
(B) Safe harbor regime
(C) Personal Data Protection Act of 2000
(D) Health Insurance Portability and Accountability Act (HIPAA)" - ✔Health Insurance
Portability and Accountability Act (HIPAA)
"How is the compliance of the cloud service provider's legal and regulatory
requirements verified when securing personally identifiable information (PII) data in the
cloud?
(A) E-discovery process
(B) Contractual agreements
(C) Researching data retention laws
(D) Third-party audits and attestations" - ✔Third-party audits and attestations
"Which security strategy is associated with data rights management solutions?
(A) Static policy control
(B) Continuous auditing
(C) Unrestricted replication
(D) Limited documents type support" - ✔Continuous auditing
"Who retains Final ownership for granting data access and permissions in a shared
responsibility model?
