SECURITY COMPLETE QUESTIONS AND VERIFIED
ANSWERS GRADE A+ GET ALL RIGHT
What are 3 characteristics of cloud computing?
Elasticity
Simplicity
Scalability
What is a cloud customer?
Anyone purchasing cloud services
What is a cloud user?
Anyone using cloud services
What are the three cloud computing service models?
SaaS (Software as a Service)
PaaS (Platform as a Service)
IaaS (Infrastructure as a Service)
What is IaaS (Infrastructure as a Service)?
Cloud provider provides all the physical capability and administration, while the
customer is responsible for logical resources.
What is PaaS (Platform as a Service)?
A cloud computing service that provides the hardware and the operating system and is
responsible for updating and maintaining both.
What is SaaS (Software As A Service)?
Cloud provider manages everything.
What are the 4 characteristics of cloud computing?
Broad network access
On-demand services
Resource Pooling
Measured or "metered" service
What NIST publication number defines cloud computing?
800-145
What ISO/IEC standard provides information on cloud computing?
17788
What is another way of describing a functional business requirement?
necessary
What is another way of describing a nonfunctional business requirement?
not necessary
What is the greatest driver pushing orgs to the cloud?
Cost savings
What is cloud bursting?
Ability to increase available cloud resources on demand
What are the four cloud deployment models?
Public
Private
Community
Hybrid
What cloud model is owned by a single organization?
Private
What cloud model is an arrangement of two or more cloud servers?
Hybrid
What cloud model is a shared setup between orgs?
Community
What cloud model is open for free usage?
Public
What is a cloud service provider?
Cloud service provider manages and provides entire hosting ability
What is a Cloud Access Security Broker?
Third-party acting as an intermediary for identity and access management
What do regulators do?
Ensure organizations are in compliance with regulatory framework.
What word in the CIA triad describes: What protects information from
unauthorized access/dissemination?
Confidentiality
What word in the CIA triad describes: Ensuring that information is not subject to
unauthorized modification?
Integrity
What word in the CIA triad describes: Ensuring that authorized users can access
the information when they are permitted to do so?
Availability
What is a cloud architect?
Expert in cloud computing
What is cloud OS also known as?
PaaS
NIST standard number that lists accredited and outmoded cryptosystems
FIPS 140-2
Customer may be unable to leave, migrate, or transfer to an alternate provider due
to technical or non-technical constraints.
Vendor lock-in
What is cloud migration?
Process of transitioning part of a company's data or services from onsite premises to
the cloud
What is cloud portability?
Move applications and data between cloud providers
What offers a degree of assurance that nobody without authorization will be able to
access others' data?
Encryption
If a cloud customer wants a secure, isolated sandbox in order to conduct
software development and testing, which cloud service model would probably be
best?
PaaS
What technology has NOT made cloud service viable?
Smart hubs
What determines the critical paths, processes, and assets of an organization?
BIA
Fully-operational environment with very little maintenance or administration
necessary, which cloud service model would probably be best?
PaaS
Customer is unable to recover or access their own data due to the cloud provider
going into bankruptcy or otherwise leaving the market.
Vendor lock-out
What are four examples of things to know to decide how to handle risks within an
org?
Inventory of all assets
Valuation of each asset
Critical paths, processes, and assets
Clear understanding of risk appetite
T/F: Assets are only tangible items.
False. Assets are everything owned or controlled by an org.
The process of evaluating assets?
Business Impact Analysis (BIA)
What is criticality?
Something an org could not operate or exist without
What are 5 examples of criticality for an org?
Tangible assets
Intangible assets
Processes
Data paths
Personnel
In risk, what is the avoidance method?
Avoiding high risk
In risk, what is the acceptance method?
Acceptable level of risk
In risk, what is an example of the avoidance method?
Insurance
In risk, what is the mitigation method?
Controls or countermeasures
Assets can be what?
Tangible
Intangible
Personnel
What does Business Impact Analysis do?
Defines which of the assets provide the intrinsic value of an organization.