WGU C838 OA EXAM SCRIPT 2025/2026 QUESTIONS WITH
SOLUTIONS GRADED A+
✔✔"Which cloud model offers access to a pool of fundamental IT resources such as
computing, networking, or storage?
(A) Data
(B) Platform
(C) Application
(D) Infrastructure" - ✔✔Infrastructure
✔✔"In which situation could cloud clients find it impossible to recover or access their
own data if their cloud provider goes bankrupt?
(A) Multicloud
(B) Multitenant
(C) Vendor lock-in
(D) Vendor lock-out" - ✔✔Vendor lock-out
✔✔"Which cloud deployment model is operated for a single organization?
(A) Private
(B) Public
(C) Hybrid
(D) Consortium" - ✔✔Private
✔✔"Which cloud model provides data location assurance?
(A) Hybrid
(B) Public
(C) Private
(D) Community" - ✔✔Private
✔✔"Which cloud model allows the consumer to have sole responsibility for
management and governance?
(A) Hybrid
(B) Public
(C) Private
(D) Community" - ✔✔Private
✔✔"Which technology allows an organization to control access to sensitive documents
stored in the cloud?
(A) Digital rights management (DRM)
(B) Database activity monitoring (DAM)
(C) Identity and access management (IAM)
(D) Distributed resource scheduling (DRS)" - ✔✔Digital Rights Management (DRM)
,✔✔"Which security technology can provide secure network communications from on-
site enterprise systems to a cloud platform?
(A) Web application ?rewall (WAF)
(B) Data loss prevention (DLP)
(C) Domain name system security extensions (DNSSEC)
(D) Internet protocol security (IPSec) virtual private network (VPN)" - ✔✔Internet
protocol security (IPSec) virtual private network (VPN
✔✔"How do immutable workloads effect security overhead?
(A) They reduce the management of the hosts.
(B) They create patches for a running workload.
(C) They restrict the amount of instances in a cluster.
(D) They automatically perform vulnerability scanning as they launch." - ✔✔They reduce
the management of the hosts
✔✔"Which document addresses CSP issues such as guaranteed uptime, liability,
penalties, and dispute mediation process?
(A) Service level agreement (SLA)
(B) Service organization control 3 (SOC 3)
(C) General data protection regulation (GDPR)
(D) Common criteria assurance framework (CC)" - ✔✔Service level agreement (SLA)
✔✔"Which design principle of secure cloud computing ensures that the business can
resume essential operations in the event of an availability-affecting incident?
(A) Access control
(B) Resource pooling
(C) Disaster recovery
(D) Session management" - ✔✔Disaster recovery
✔✔"Which design principle of secure cloud computing ensures that users can utilize
data and applications from around the globe?
(A) Scalability
(B) Portability
(C) Broad network access
(D) On-demand self-service" - ✔✔Broad network access
✔✔"Which design principle of secure cloud computing involves deploying cloud service
provider resources to maximize availability in the event of a failure?
(A) Elasticity
(B) Resiliency
(C) Clustering
(D) Scalability" - ✔✔Resiliency
, ✔✔"Which item should be part of the legal framework analysis if a company wishes to
store prescription drug records in a SaaS solution?
(A) U.S. Patriot Act
(B) Sarbanes-Oxley Act
(C) Federal Information Security Modernization Act
(D) Health Insurance Portability and Accountability Act" - ✔✔Health Insurance
Portability and Accountability Act
✔✔"Which standard addresses practices related to acquisition of forensic artifacts and
can be directly applied to a cloud environment?
(A) ISO/IEC 27001
(B) ISO/IEC 27050-1
(C) NIST SP 500-291
(D) NIST SP 800-145" - ✔✔ISO/IEC 27050-1
✔✔"Which regulation in the United States defines the requirements for a CSP to
implement and report on internal accounting controls?
(A) SOX
(B) GDPR
(C) HIPAA
(D) FERPA" - ✔✔SOX
✔✔"Which legislation must a trusted cloud service adhere to when utilizing the data of
EU citizens?
(A) SOX
(B) APPI
(C) GDPR
(D) EMTALA" - ✔✔GDPR
✔✔"Which logical design decision can be attributed to required regulation?
(A) Retention formats
(B) Retention periods
(C) Database reads/second
(D) Database writes/second" - ✔✔Retention periods
✔✔"Which service model influences the logical design by using additional measures in
the application to enhance security?
(A) Public cloud
(B) Hybrid cloud
(C) Platform as a service (PaaS)
(D) Software as a service (SaaS)" - ✔✔Software as a service (SaaS)
✔✔"Which environmental consideration should be addressed when planning the design
of a data center?
SOLUTIONS GRADED A+
✔✔"Which cloud model offers access to a pool of fundamental IT resources such as
computing, networking, or storage?
(A) Data
(B) Platform
(C) Application
(D) Infrastructure" - ✔✔Infrastructure
✔✔"In which situation could cloud clients find it impossible to recover or access their
own data if their cloud provider goes bankrupt?
(A) Multicloud
(B) Multitenant
(C) Vendor lock-in
(D) Vendor lock-out" - ✔✔Vendor lock-out
✔✔"Which cloud deployment model is operated for a single organization?
(A) Private
(B) Public
(C) Hybrid
(D) Consortium" - ✔✔Private
✔✔"Which cloud model provides data location assurance?
(A) Hybrid
(B) Public
(C) Private
(D) Community" - ✔✔Private
✔✔"Which cloud model allows the consumer to have sole responsibility for
management and governance?
(A) Hybrid
(B) Public
(C) Private
(D) Community" - ✔✔Private
✔✔"Which technology allows an organization to control access to sensitive documents
stored in the cloud?
(A) Digital rights management (DRM)
(B) Database activity monitoring (DAM)
(C) Identity and access management (IAM)
(D) Distributed resource scheduling (DRS)" - ✔✔Digital Rights Management (DRM)
,✔✔"Which security technology can provide secure network communications from on-
site enterprise systems to a cloud platform?
(A) Web application ?rewall (WAF)
(B) Data loss prevention (DLP)
(C) Domain name system security extensions (DNSSEC)
(D) Internet protocol security (IPSec) virtual private network (VPN)" - ✔✔Internet
protocol security (IPSec) virtual private network (VPN
✔✔"How do immutable workloads effect security overhead?
(A) They reduce the management of the hosts.
(B) They create patches for a running workload.
(C) They restrict the amount of instances in a cluster.
(D) They automatically perform vulnerability scanning as they launch." - ✔✔They reduce
the management of the hosts
✔✔"Which document addresses CSP issues such as guaranteed uptime, liability,
penalties, and dispute mediation process?
(A) Service level agreement (SLA)
(B) Service organization control 3 (SOC 3)
(C) General data protection regulation (GDPR)
(D) Common criteria assurance framework (CC)" - ✔✔Service level agreement (SLA)
✔✔"Which design principle of secure cloud computing ensures that the business can
resume essential operations in the event of an availability-affecting incident?
(A) Access control
(B) Resource pooling
(C) Disaster recovery
(D) Session management" - ✔✔Disaster recovery
✔✔"Which design principle of secure cloud computing ensures that users can utilize
data and applications from around the globe?
(A) Scalability
(B) Portability
(C) Broad network access
(D) On-demand self-service" - ✔✔Broad network access
✔✔"Which design principle of secure cloud computing involves deploying cloud service
provider resources to maximize availability in the event of a failure?
(A) Elasticity
(B) Resiliency
(C) Clustering
(D) Scalability" - ✔✔Resiliency
, ✔✔"Which item should be part of the legal framework analysis if a company wishes to
store prescription drug records in a SaaS solution?
(A) U.S. Patriot Act
(B) Sarbanes-Oxley Act
(C) Federal Information Security Modernization Act
(D) Health Insurance Portability and Accountability Act" - ✔✔Health Insurance
Portability and Accountability Act
✔✔"Which standard addresses practices related to acquisition of forensic artifacts and
can be directly applied to a cloud environment?
(A) ISO/IEC 27001
(B) ISO/IEC 27050-1
(C) NIST SP 500-291
(D) NIST SP 800-145" - ✔✔ISO/IEC 27050-1
✔✔"Which regulation in the United States defines the requirements for a CSP to
implement and report on internal accounting controls?
(A) SOX
(B) GDPR
(C) HIPAA
(D) FERPA" - ✔✔SOX
✔✔"Which legislation must a trusted cloud service adhere to when utilizing the data of
EU citizens?
(A) SOX
(B) APPI
(C) GDPR
(D) EMTALA" - ✔✔GDPR
✔✔"Which logical design decision can be attributed to required regulation?
(A) Retention formats
(B) Retention periods
(C) Database reads/second
(D) Database writes/second" - ✔✔Retention periods
✔✔"Which service model influences the logical design by using additional measures in
the application to enhance security?
(A) Public cloud
(B) Hybrid cloud
(C) Platform as a service (PaaS)
(D) Software as a service (SaaS)" - ✔✔Software as a service (SaaS)
✔✔"Which environmental consideration should be addressed when planning the design
of a data center?
