C838- WGU-PRE-Assessment TEST
WITH QUESTIONS AND 100% CORRECT
ANSWERS
"Which consideration should be taken into account when reviewing a cloud service
provider's risk of potential outage time?
(A) The type of database
(B) The provider's support services
(C) The unique history of the provider
(D) The amount of cloud service offerings"
- CORRECT ANSWER The unique history of the provider
"Which cloud security control eliminates the risk of a virtualization guest escape from
another tenant?
(A) Dedicated hosting
(B) File integrity monitor
(C) Hardware hypervisor
(D) Immutable virtual machines"
- CORRECT ANSWER Dedicated hosting
"Which cloud security control is a countermeasure for man-in-the-middle attacks?
(A) Reviewing log data
(B) Backing up data offsite
(C) Using block data storage
(D) Encrypting data in transit"
- CORRECT ANSWER Encrypting data in transit
"Which data retention policy controls how long health insurance portability and
accountability act (HIPAA) data can be archived?
(A) Enforcement
(B) Maintenance
(C) Data classification
(D) Applicable regulation"
- CORRECT ANSWER Applicable regulation
"Which disaster recovery (DR) site results in the quickest recovery in the event of a
disaster?
(A) Hot
(B) Cold
(C) Passive
(D) Reserve"
- CORRECT ANSWER HOT
,"Where should the location be for the final data backup repository in the event that the
disaster recovery plan is enacted for the CSP of disaster recovery (DR) service?
(A) Tape drive
(B) Local storage
(C) Cloud platform
(D) Company headquarters"
- CORRECT ANSWER Cloud platform
"Which technology should be included in the disaster recovery plan to prevent data
loss?
(A) Locked racks
(B) System patches
(C) Offsite backups
(D) Video surveillance"
- CORRECT ANSWER Offsite backups
"Which disaster recovery plan metric indicates how long critical functions can be
unavailable before the organization is irretrievably affected?
(A) Recovery time objective (RTO)
(B) Mean time to switchover (MTS)
(C) Recovery point objective (RPO)
(D) Maximum allowable downtime (MAD)"
- CORRECT ANSWER Maximum allowable downtime (MAD)
"Which assumption about a CSP should be avoided when considering risks in a disaster
recovery (DR) plan?
(A) Provider's history
(B) Continuity planning
(C) Level of resiliency
(D) Costs will remain the same"
- CORRECT ANSWER Level of resiliency
"An architect needs to constrain problems to a level that can be controlled when the
problem exceeds the capabilities of disaster recovery (DR) controls.
Which aspect of the plan will provide this guarantee?
(A) Ensuring data backups
(B) Managing plane controls
(C) Handling provider outages
(D) Evaluating portability alternatives"
- CORRECT ANSWER Handling provider outages
"Which aspect of business continuity planning considers the alternatives to be used
when there is a complete loss of the provider?
(A) Ensuring resiliency
(B) Managing plane controls
(C) Considering portability options
, (D) Managing cloud provider outages"
- CORRECT ANSWER Considering portability options
"What is a key method associated with a risk-based approach to business continuity
planning?
(A) Using existing network technology
(B) Leveraging software-defined networking
(C) Applying internal authentication and credential passing
(D) Considering the degree of continuity required for assets"
- CORRECT ANSWER Considering the degree of continuity required for assets
"Which testing method must be performed to demonstrate the effectiveness of a
business continuity plan and procedures?
(A) SAST
(B) DAST
(C) Failover
(D) Penetration"
- CORRECT ANSWER Failover
"Which process involves the use of electronic data as evidence in a civil or criminal legal
case?
(A) Due diligence
(B) Cloud governance
(C) Auditing in the cloud
(D) eDiscovery investigations"
- CORRECT ANSWER eDiscovery investigations
"Which standard addresses the privacy aspects of cloud computing for consumers?
(A) ISO 19011:2011
(B) ISO 27001:2013
(C) ISO 27018:2014
(D) ISO 27017:2015"
- CORRECT ANSWER ISO 27018:2014
"Which international standard guide provides procedures for incident investigation
principles and processes?
(A) ISO/IEC 27034-1:2011
(B) ISO/IEC 27037:2012
(C) ISO/IEC 27001:2013
(D) ISO/IEC 27043:2015"
- CORRECT ANSWER ISO/IEC 27043:2015
"Which group is legally bound by the general data protection regulation (GDPR)?
(A) Only corporations headquartered in the EU
(B) Only corporations that processes the data of EU citizens
(C) Only corporations that have operations in more than one EU nation
WITH QUESTIONS AND 100% CORRECT
ANSWERS
"Which consideration should be taken into account when reviewing a cloud service
provider's risk of potential outage time?
(A) The type of database
(B) The provider's support services
(C) The unique history of the provider
(D) The amount of cloud service offerings"
- CORRECT ANSWER The unique history of the provider
"Which cloud security control eliminates the risk of a virtualization guest escape from
another tenant?
(A) Dedicated hosting
(B) File integrity monitor
(C) Hardware hypervisor
(D) Immutable virtual machines"
- CORRECT ANSWER Dedicated hosting
"Which cloud security control is a countermeasure for man-in-the-middle attacks?
(A) Reviewing log data
(B) Backing up data offsite
(C) Using block data storage
(D) Encrypting data in transit"
- CORRECT ANSWER Encrypting data in transit
"Which data retention policy controls how long health insurance portability and
accountability act (HIPAA) data can be archived?
(A) Enforcement
(B) Maintenance
(C) Data classification
(D) Applicable regulation"
- CORRECT ANSWER Applicable regulation
"Which disaster recovery (DR) site results in the quickest recovery in the event of a
disaster?
(A) Hot
(B) Cold
(C) Passive
(D) Reserve"
- CORRECT ANSWER HOT
,"Where should the location be for the final data backup repository in the event that the
disaster recovery plan is enacted for the CSP of disaster recovery (DR) service?
(A) Tape drive
(B) Local storage
(C) Cloud platform
(D) Company headquarters"
- CORRECT ANSWER Cloud platform
"Which technology should be included in the disaster recovery plan to prevent data
loss?
(A) Locked racks
(B) System patches
(C) Offsite backups
(D) Video surveillance"
- CORRECT ANSWER Offsite backups
"Which disaster recovery plan metric indicates how long critical functions can be
unavailable before the organization is irretrievably affected?
(A) Recovery time objective (RTO)
(B) Mean time to switchover (MTS)
(C) Recovery point objective (RPO)
(D) Maximum allowable downtime (MAD)"
- CORRECT ANSWER Maximum allowable downtime (MAD)
"Which assumption about a CSP should be avoided when considering risks in a disaster
recovery (DR) plan?
(A) Provider's history
(B) Continuity planning
(C) Level of resiliency
(D) Costs will remain the same"
- CORRECT ANSWER Level of resiliency
"An architect needs to constrain problems to a level that can be controlled when the
problem exceeds the capabilities of disaster recovery (DR) controls.
Which aspect of the plan will provide this guarantee?
(A) Ensuring data backups
(B) Managing plane controls
(C) Handling provider outages
(D) Evaluating portability alternatives"
- CORRECT ANSWER Handling provider outages
"Which aspect of business continuity planning considers the alternatives to be used
when there is a complete loss of the provider?
(A) Ensuring resiliency
(B) Managing plane controls
(C) Considering portability options
, (D) Managing cloud provider outages"
- CORRECT ANSWER Considering portability options
"What is a key method associated with a risk-based approach to business continuity
planning?
(A) Using existing network technology
(B) Leveraging software-defined networking
(C) Applying internal authentication and credential passing
(D) Considering the degree of continuity required for assets"
- CORRECT ANSWER Considering the degree of continuity required for assets
"Which testing method must be performed to demonstrate the effectiveness of a
business continuity plan and procedures?
(A) SAST
(B) DAST
(C) Failover
(D) Penetration"
- CORRECT ANSWER Failover
"Which process involves the use of electronic data as evidence in a civil or criminal legal
case?
(A) Due diligence
(B) Cloud governance
(C) Auditing in the cloud
(D) eDiscovery investigations"
- CORRECT ANSWER eDiscovery investigations
"Which standard addresses the privacy aspects of cloud computing for consumers?
(A) ISO 19011:2011
(B) ISO 27001:2013
(C) ISO 27018:2014
(D) ISO 27017:2015"
- CORRECT ANSWER ISO 27018:2014
"Which international standard guide provides procedures for incident investigation
principles and processes?
(A) ISO/IEC 27034-1:2011
(B) ISO/IEC 27037:2012
(C) ISO/IEC 27001:2013
(D) ISO/IEC 27043:2015"
- CORRECT ANSWER ISO/IEC 27043:2015
"Which group is legally bound by the general data protection regulation (GDPR)?
(A) Only corporations headquartered in the EU
(B) Only corporations that processes the data of EU citizens
(C) Only corporations that have operations in more than one EU nation
