WGU - Managing Cloud Security - C838
UPDATED Actual Exam Questions and
CORRECT Answers
What are the 4 characteristics of cloud computing? - CORRECT ANSWER✔✔- Broad
network access
On-demand services
Resource Pooling
Measured or "metered" service
What NIST publication number defines cloud computing? - CORRECT ANSWER✔✔- 800-
145
What ISO/IEC standard provides information on cloud computing? - CORRECT
ANSWER✔✔- 17788
What is another way of describing a functional business requirement? - CORRECT
ANSWER✔✔- necessary
What is another way of describing a nonfunctional business requirement? - CORRECT
ANSWER✔✔- not necessary
What is the greatest driver pushing orgs to the cloud? - CORRECT ANSWER✔✔- Cost
savings
What is cloud bursting? - CORRECT ANSWER✔✔- Ability to increase available cloud
resources on demand
What are 3 characteristics of cloud computing? - CORRECT ANSWER✔✔- Elasticity
Simplicity
Scalability
,What is a cloud customer? - CORRECT ANSWER✔✔- Anyone purchasing cloud services
What is a cloud user? - CORRECT ANSWER✔✔- Anyone using cloud services
What are the three cloud computing service models? - CORRECT ANSWER✔✔-
SaaS(Software as a service)
PaaS(Platform as a service)
IaaS(Infrastructure as a service)
What is IaaS (Infrastructure as a Service)? - CORRECT ANSWER✔✔- Cloud provider
provides all the physical capability and administration, while the customer is responsible for
logical resources.
What is PaaS (Platform as a Service)? - CORRECT ANSWER✔✔- A cloud computing
service that provides the hardware and the operating system and is responsible for updating
and maintaining both.
What is SaaS (Software As A Service)? - CORRECT ANSWER✔✔- Cloud provider manages
everything.
What are the four cloud deployment models? - CORRECT ANSWER✔✔- Public
Private
Community
Hybrid
What cloud model is owned by a single organization? - CORRECT ANSWER✔✔- Private
What cloud model is an arrangement of two or more cloud servers? - CORRECT
ANSWER✔✔- Hybrid
What cloud model is a shared setup between orgs? - CORRECT ANSWER✔✔- Community
,What cloud model is open for free usage? - CORRECT ANSWER✔✔- Public
What is a cloud service provider? - CORRECT ANSWER✔✔- Cloud service provider
manages and provides entire hosting ability
What is a Cloud Access Security Broker? - CORRECT ANSWER✔✔- Third-party acting as
an intermediary for identity and access management
What do regulators do? - CORRECT ANSWER✔✔- Ensure organizations are in compliance
with regulatory framework.
What word in the CIA triad describes: What protects information from unauthorized
access/dissemination? - CORRECT ANSWER✔✔- Confidentiality
What word in the CIA triad describes: Ensuring that information is not subject to
unauthorized modification? - CORRECT ANSWER✔✔- Integrity
What word in the CIA triad describes: Ensuring that authorized users can access the
information when they are permitted to do so? - CORRECT ANSWER✔✔- Availability
What is a cloud architect? - CORRECT ANSWER✔✔- Expert in cloud computing
What is cloud os also known as? - CORRECT ANSWER✔✔- PaaS
NIST standard number that lists accredited and outmoded cryptosystems - CORRECT
ANSWER✔✔- FIPS 140-2
customer may be unable to leave, migrate, or transfer to an alternate provider due to technical
or non-technical constraints. - CORRECT ANSWER✔✔- vendor lock-m
, What is cloud migration? - CORRECT ANSWER✔✔- Process of transitioning part of a
company's data or services from onsite premises to the cloud
What is cloud portability? - CORRECT ANSWER✔✔- Move applications and data between
cloud providers
What offers a degree of assurance that nobody w/o authorization will be able to access other's
data? - CORRECT ANSWER✔✔- Encryption
If a cloud customer wants a secure, isolated sandbox in order to conduct software
development and testing, which cloud service model would probably be best? - CORRECT
ANSWER✔✔- PaaS
What technology has NOT made cloud service viable? - CORRECT ANSWER✔✔- Smart
hubs
What determines the critical paths, processes, and assets of an organization? - CORRECT
ANSWER✔✔- BIA
Fully-operational environment with very little maintenance or administration necessary,
which cloud service model would probably be best? - CORRECT ANSWER✔✔- PaaS
customer is unable to recover or access their own data due to the cloud provider going into
bankruptcy or otherwise leaving the market. - CORRECT ANSWER✔✔- Vendor lock-out
What are four examples of things to know to decide how to handle risks within an org? -
CORRECT ANSWER✔✔- Inventory of all assets
Valuation of each asset
Critical paths, processes, and assets
Clear understanding of risk appetite
T/F: Assets are only tangible items. - CORRECT ANSWER✔✔- False. Assets are everything
owned or controlled by an org.
UPDATED Actual Exam Questions and
CORRECT Answers
What are the 4 characteristics of cloud computing? - CORRECT ANSWER✔✔- Broad
network access
On-demand services
Resource Pooling
Measured or "metered" service
What NIST publication number defines cloud computing? - CORRECT ANSWER✔✔- 800-
145
What ISO/IEC standard provides information on cloud computing? - CORRECT
ANSWER✔✔- 17788
What is another way of describing a functional business requirement? - CORRECT
ANSWER✔✔- necessary
What is another way of describing a nonfunctional business requirement? - CORRECT
ANSWER✔✔- not necessary
What is the greatest driver pushing orgs to the cloud? - CORRECT ANSWER✔✔- Cost
savings
What is cloud bursting? - CORRECT ANSWER✔✔- Ability to increase available cloud
resources on demand
What are 3 characteristics of cloud computing? - CORRECT ANSWER✔✔- Elasticity
Simplicity
Scalability
,What is a cloud customer? - CORRECT ANSWER✔✔- Anyone purchasing cloud services
What is a cloud user? - CORRECT ANSWER✔✔- Anyone using cloud services
What are the three cloud computing service models? - CORRECT ANSWER✔✔-
SaaS(Software as a service)
PaaS(Platform as a service)
IaaS(Infrastructure as a service)
What is IaaS (Infrastructure as a Service)? - CORRECT ANSWER✔✔- Cloud provider
provides all the physical capability and administration, while the customer is responsible for
logical resources.
What is PaaS (Platform as a Service)? - CORRECT ANSWER✔✔- A cloud computing
service that provides the hardware and the operating system and is responsible for updating
and maintaining both.
What is SaaS (Software As A Service)? - CORRECT ANSWER✔✔- Cloud provider manages
everything.
What are the four cloud deployment models? - CORRECT ANSWER✔✔- Public
Private
Community
Hybrid
What cloud model is owned by a single organization? - CORRECT ANSWER✔✔- Private
What cloud model is an arrangement of two or more cloud servers? - CORRECT
ANSWER✔✔- Hybrid
What cloud model is a shared setup between orgs? - CORRECT ANSWER✔✔- Community
,What cloud model is open for free usage? - CORRECT ANSWER✔✔- Public
What is a cloud service provider? - CORRECT ANSWER✔✔- Cloud service provider
manages and provides entire hosting ability
What is a Cloud Access Security Broker? - CORRECT ANSWER✔✔- Third-party acting as
an intermediary for identity and access management
What do regulators do? - CORRECT ANSWER✔✔- Ensure organizations are in compliance
with regulatory framework.
What word in the CIA triad describes: What protects information from unauthorized
access/dissemination? - CORRECT ANSWER✔✔- Confidentiality
What word in the CIA triad describes: Ensuring that information is not subject to
unauthorized modification? - CORRECT ANSWER✔✔- Integrity
What word in the CIA triad describes: Ensuring that authorized users can access the
information when they are permitted to do so? - CORRECT ANSWER✔✔- Availability
What is a cloud architect? - CORRECT ANSWER✔✔- Expert in cloud computing
What is cloud os also known as? - CORRECT ANSWER✔✔- PaaS
NIST standard number that lists accredited and outmoded cryptosystems - CORRECT
ANSWER✔✔- FIPS 140-2
customer may be unable to leave, migrate, or transfer to an alternate provider due to technical
or non-technical constraints. - CORRECT ANSWER✔✔- vendor lock-m
, What is cloud migration? - CORRECT ANSWER✔✔- Process of transitioning part of a
company's data or services from onsite premises to the cloud
What is cloud portability? - CORRECT ANSWER✔✔- Move applications and data between
cloud providers
What offers a degree of assurance that nobody w/o authorization will be able to access other's
data? - CORRECT ANSWER✔✔- Encryption
If a cloud customer wants a secure, isolated sandbox in order to conduct software
development and testing, which cloud service model would probably be best? - CORRECT
ANSWER✔✔- PaaS
What technology has NOT made cloud service viable? - CORRECT ANSWER✔✔- Smart
hubs
What determines the critical paths, processes, and assets of an organization? - CORRECT
ANSWER✔✔- BIA
Fully-operational environment with very little maintenance or administration necessary,
which cloud service model would probably be best? - CORRECT ANSWER✔✔- PaaS
customer is unable to recover or access their own data due to the cloud provider going into
bankruptcy or otherwise leaving the market. - CORRECT ANSWER✔✔- Vendor lock-out
What are four examples of things to know to decide how to handle risks within an org? -
CORRECT ANSWER✔✔- Inventory of all assets
Valuation of each asset
Critical paths, processes, and assets
Clear understanding of risk appetite
T/F: Assets are only tangible items. - CORRECT ANSWER✔✔- False. Assets are everything
owned or controlled by an org.
