WGU C838 MANAGING CLOUD SECURITY ACTUAL OA
EXAM LATEST QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) | ALREADY GRADED A+
Infrastructure as a Service (IaaS) - ANSWER: Allows the customer to install all
software, including operating systems (OSs) on hardware housed and connected by
the cloud vendor.
Platform as a Service (PaaS) - ANSWER: Contains everything included in IaaS, with
the addition of OSs. This model is especially useful for software development
operations (DevOps).
Software as a Service (SaaS) - ANSWER: Includes everything listed in the previous
Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models, with the
addition of software programs.
Encryption - ANSWER: Offers a degree of assurance that nobody without
authorization will be able to access your data in a meaningful way.
Cloud Service Provider (CSP) - ANSWER: Provides administrative assistance for the
customer and the customer's data and processing needs. Examples include Amazon
Web Services, Rackspace, and Microsoft's Azure.
Virtualization - ANSWER: A process of creating a virtual version of something,
including virtual computer hardware platforms, operating systems, storage devices,
and computer network resources.
Vendor lock-in - ANSWER: Occurs in a situation where a customer may be unable to
leave, migrate, or transfer to an alternate provider due to technical or non-technical
constraints.
Cloud provider - ANSWER: A service provider that offers customer storage or
software solutions available via a public network, usually the Internet.
Cloud portability - ANSWER: The ability to move applications and associated data
between one cloud provider and another, or between legacy and cloud
environments.
Cloud Access Security Broker (CASB) - ANSWER: A third-party entity offering
independent identity and access management (IAM) services to CSPs and cloud
customers, often as an intermediary.
We use what to determine the critical paths, processes, and assets of an
organization? - ANSWER: BIA (The business impact analysis is designed to ascertain
the value of the organization's assets, and learn the critical paths and processes.)
, If a cloud customer wants a bare-bones environment in which to replicate their own
enterprise for BC/DR purposes, which cloud service model would probably be best? -
ANSWER: IaaS - IaaS offers what is basically a hot/warm DR site, with hardware,
connectivity, and utilities, allowing the customer to build out any kind of software
configuration (including choosing OSs).
If a service or solution does not meet all of the specified key characteristics listed
below, it is said to be not true cloud computing. Please select the valid cloud
computing characteristics out of the terms identified below. - ANSWER: Here are the
characteristics of cloud computing:
Broad network access
Resource pooling
Measured service
On demand self-service
Rapid expansion
The risk that a cloud provider might go out of business and the cloud customer might
not be able to recover data is known as: - ANSWER: Vendor lock-out
Cloud Access Security Brokers (CASBs) might offer all the following services except: -
ANSWER: BC/DR/COOP (CASBs don't usually offer BC/DR/COOP services; that's
something offered by cloud providers.)
Mitigation - ANSWER: A process of taking steps to decrease the likelihood or the
impact of the risk.
Transference - ANSWER: A risk management strategy that involves the contractual
shifting of a risk from one organization to another.
Layered defenses - ANSWER: The practice of having multiple overlapping means of
securing the environment with a variety of methods.
Risk appetite - ANSWER: Refers to the level, amount, or type of risk that the
organization finds acceptable.
Avoidance - ANSWER: Eliminating the risk that is simply too high and cannot be
compensated for with adequate control mechanism.
IaaS boundaries - ANSWER: The cloud provider creates and administers the
hardware assets on which the customer's programs and data will ride.
PaaS boundaries - ANSWER: The cloud provider is responsible for installing,
maintaining, and administering the OS.
In which cloud service model is the customer required to maintain and update only
the applications? - ANSWER: PaaS (In PaaS, the provider supplies the hardware,
EXAM LATEST QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) | ALREADY GRADED A+
Infrastructure as a Service (IaaS) - ANSWER: Allows the customer to install all
software, including operating systems (OSs) on hardware housed and connected by
the cloud vendor.
Platform as a Service (PaaS) - ANSWER: Contains everything included in IaaS, with
the addition of OSs. This model is especially useful for software development
operations (DevOps).
Software as a Service (SaaS) - ANSWER: Includes everything listed in the previous
Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models, with the
addition of software programs.
Encryption - ANSWER: Offers a degree of assurance that nobody without
authorization will be able to access your data in a meaningful way.
Cloud Service Provider (CSP) - ANSWER: Provides administrative assistance for the
customer and the customer's data and processing needs. Examples include Amazon
Web Services, Rackspace, and Microsoft's Azure.
Virtualization - ANSWER: A process of creating a virtual version of something,
including virtual computer hardware platforms, operating systems, storage devices,
and computer network resources.
Vendor lock-in - ANSWER: Occurs in a situation where a customer may be unable to
leave, migrate, or transfer to an alternate provider due to technical or non-technical
constraints.
Cloud provider - ANSWER: A service provider that offers customer storage or
software solutions available via a public network, usually the Internet.
Cloud portability - ANSWER: The ability to move applications and associated data
between one cloud provider and another, or between legacy and cloud
environments.
Cloud Access Security Broker (CASB) - ANSWER: A third-party entity offering
independent identity and access management (IAM) services to CSPs and cloud
customers, often as an intermediary.
We use what to determine the critical paths, processes, and assets of an
organization? - ANSWER: BIA (The business impact analysis is designed to ascertain
the value of the organization's assets, and learn the critical paths and processes.)
, If a cloud customer wants a bare-bones environment in which to replicate their own
enterprise for BC/DR purposes, which cloud service model would probably be best? -
ANSWER: IaaS - IaaS offers what is basically a hot/warm DR site, with hardware,
connectivity, and utilities, allowing the customer to build out any kind of software
configuration (including choosing OSs).
If a service or solution does not meet all of the specified key characteristics listed
below, it is said to be not true cloud computing. Please select the valid cloud
computing characteristics out of the terms identified below. - ANSWER: Here are the
characteristics of cloud computing:
Broad network access
Resource pooling
Measured service
On demand self-service
Rapid expansion
The risk that a cloud provider might go out of business and the cloud customer might
not be able to recover data is known as: - ANSWER: Vendor lock-out
Cloud Access Security Brokers (CASBs) might offer all the following services except: -
ANSWER: BC/DR/COOP (CASBs don't usually offer BC/DR/COOP services; that's
something offered by cloud providers.)
Mitigation - ANSWER: A process of taking steps to decrease the likelihood or the
impact of the risk.
Transference - ANSWER: A risk management strategy that involves the contractual
shifting of a risk from one organization to another.
Layered defenses - ANSWER: The practice of having multiple overlapping means of
securing the environment with a variety of methods.
Risk appetite - ANSWER: Refers to the level, amount, or type of risk that the
organization finds acceptable.
Avoidance - ANSWER: Eliminating the risk that is simply too high and cannot be
compensated for with adequate control mechanism.
IaaS boundaries - ANSWER: The cloud provider creates and administers the
hardware assets on which the customer's programs and data will ride.
PaaS boundaries - ANSWER: The cloud provider is responsible for installing,
maintaining, and administering the OS.
In which cloud service model is the customer required to maintain and update only
the applications? - ANSWER: PaaS (In PaaS, the provider supplies the hardware,
