Heat maps
WGU D485 DGN2 Task 1: Cloud Security
Implementation PLAN |Latest Update With
Complete Solution
CLOUDSECURITY - D485
PRFA -DGN2
Task Overview Submissions Evaluation Report
COMPETENCIES
4114.1.1 : Designs Secure Cloud Solutions
The learner designs secure cloud solutions for data protection.
4114.1.2 : Implements Security Cloud Solutions
The learner implements secure identity and access management cloud solutions for data protection.
4114.1.3 : Analyzes Risk Management Plan
The learner analyzes a risk management plan for threat mitigation countermeasures in the cloud.
INTRODUCTION
Throughout your career in cloud security administration and engineering, you will be asked to develop and
improve cloud resources to support a company's security posture. You will need to configure the security
settings for a cloud service model to be in alignment with an organization's business requirements.
In this task, you will be given a scenario that includes business requirements from a company's IT
department. Using the provided lab environment, you will update the cloud security configurations of the
company. You will submit a report to executives outlining your security plan and the updated configurations.
You will need to read the attached “Company Overview and Requirements” prior to starting your work.
Please note that the live lab environment has a 4-hour time limit. At the end of the 4-hour time limit, 15-
minute extensions will be offered(up to an additional2 hours). See the “D485 Skillable Lab FAQ”attachment
for more information.
SCENARIO
As organizations embrace cloud computing, cybersecurity practices continue to evolve. A robust cloud
security posture protects assets from bad actors and helps organizations realize the benefits of cloud
computing. In this task, you will assume the role of cloud security engineer for SWBTL LLC. You have
been hired following the departure of a disgruntled employee who left behind no documentation and
created cybersecurity concerns.
, You will analyze the current environment, using the lab environment web link and the“Company
Overview and Requirements” attachment, making recommendations and implementing configuration
changes in alignment with regulatory and business requirements. The analysis should also include shared
responsibilities, risks, threats, and countermeasures. The chief information officer has requested a walk-
through of the environment with demonstrations of security misalignments, updated configurations, and how
the updates meet compliance requirements.
In your lab instance, you will be provided accounts on the right-hand side that correspond to the specific
job roles. Use only those accounts to complete your task. You may see other accounts or groups in the
lab, but those should not be used.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and
no more than a 10% match to anyone individual source can be directly quoted or closelyparaphrased from
sources, even if cited correctly. The similarity report that is provided when you submit your task can be used
as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that
will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric
aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc.,
unless specified in the task requirements. All other submissions must be file types that are
uploadedandsubmitted as attachments(e.g., .docx,.pdf;.ppt).
A. Provide an executive summary of the company's current security environment based on the business
requirements given in the“Company Overview and Requirements”document.
B. Describe a proposed course of action for a secure Azure cloud solution for the company, based on
the given scenario, and include the following in your description:
• identification of the service model
• applicable regulatory compliance directives
• security benefits and challenges of transitioning to this service model
C. Analyze the current state of role-based access controls in the cloud lab environment for the
marketing, accounting, and IT resource groups.
1. Discuss three recommendations for role-based access controls that can be configured in
alignment with the principle of least privilege based on the business requirements in the given
scenario.
2. Configure the role-based access controls in alignment with your given recommendations in part
C1 and provide a screenshot for each of the updated configurations. The screenshots must be
clear and show the full view of your screen, including the date and time.
D. Analyze the existing Azure Key Vaults in the cloud lab environment focusing on encrypting data in
transit and data at rest for the marketing, accounting, and IT resource groups.
1. Implement two best practices for Azure Key Vaults applicable to the resource groups listed and
in alignment with the given scenario, providing screenshots of your updated access policies for
This study source weaascd h
o wgn rlooau
depd. bTyh4e
93s8c6 r4 efreonmschliofftssnom
tesu
.cso tmboen 0c4l-e2a1r-2a02n5d10s:h17o:w
02 tGhMeTf-u0l5l:0v0iew of your screen, including the date
and time.
WGU D485 DGN2 Task 1: Cloud Security
Implementation PLAN |Latest Update With
Complete Solution
CLOUDSECURITY - D485
PRFA -DGN2
Task Overview Submissions Evaluation Report
COMPETENCIES
4114.1.1 : Designs Secure Cloud Solutions
The learner designs secure cloud solutions for data protection.
4114.1.2 : Implements Security Cloud Solutions
The learner implements secure identity and access management cloud solutions for data protection.
4114.1.3 : Analyzes Risk Management Plan
The learner analyzes a risk management plan for threat mitigation countermeasures in the cloud.
INTRODUCTION
Throughout your career in cloud security administration and engineering, you will be asked to develop and
improve cloud resources to support a company's security posture. You will need to configure the security
settings for a cloud service model to be in alignment with an organization's business requirements.
In this task, you will be given a scenario that includes business requirements from a company's IT
department. Using the provided lab environment, you will update the cloud security configurations of the
company. You will submit a report to executives outlining your security plan and the updated configurations.
You will need to read the attached “Company Overview and Requirements” prior to starting your work.
Please note that the live lab environment has a 4-hour time limit. At the end of the 4-hour time limit, 15-
minute extensions will be offered(up to an additional2 hours). See the “D485 Skillable Lab FAQ”attachment
for more information.
SCENARIO
As organizations embrace cloud computing, cybersecurity practices continue to evolve. A robust cloud
security posture protects assets from bad actors and helps organizations realize the benefits of cloud
computing. In this task, you will assume the role of cloud security engineer for SWBTL LLC. You have
been hired following the departure of a disgruntled employee who left behind no documentation and
created cybersecurity concerns.
, You will analyze the current environment, using the lab environment web link and the“Company
Overview and Requirements” attachment, making recommendations and implementing configuration
changes in alignment with regulatory and business requirements. The analysis should also include shared
responsibilities, risks, threats, and countermeasures. The chief information officer has requested a walk-
through of the environment with demonstrations of security misalignments, updated configurations, and how
the updates meet compliance requirements.
In your lab instance, you will be provided accounts on the right-hand side that correspond to the specific
job roles. Use only those accounts to complete your task. You may see other accounts or groups in the
lab, but those should not be used.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and
no more than a 10% match to anyone individual source can be directly quoted or closelyparaphrased from
sources, even if cited correctly. The similarity report that is provided when you submit your task can be used
as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that
will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric
aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc.,
unless specified in the task requirements. All other submissions must be file types that are
uploadedandsubmitted as attachments(e.g., .docx,.pdf;.ppt).
A. Provide an executive summary of the company's current security environment based on the business
requirements given in the“Company Overview and Requirements”document.
B. Describe a proposed course of action for a secure Azure cloud solution for the company, based on
the given scenario, and include the following in your description:
• identification of the service model
• applicable regulatory compliance directives
• security benefits and challenges of transitioning to this service model
C. Analyze the current state of role-based access controls in the cloud lab environment for the
marketing, accounting, and IT resource groups.
1. Discuss three recommendations for role-based access controls that can be configured in
alignment with the principle of least privilege based on the business requirements in the given
scenario.
2. Configure the role-based access controls in alignment with your given recommendations in part
C1 and provide a screenshot for each of the updated configurations. The screenshots must be
clear and show the full view of your screen, including the date and time.
D. Analyze the existing Azure Key Vaults in the cloud lab environment focusing on encrypting data in
transit and data at rest for the marketing, accounting, and IT resource groups.
1. Implement two best practices for Azure Key Vaults applicable to the resource groups listed and
in alignment with the given scenario, providing screenshots of your updated access policies for
This study source weaascd h
o wgn rlooau
depd. bTyh4e
93s8c6 r4 efreonmschliofftssnom
tesu
.cso tmboen 0c4l-e2a1r-2a02n5d10s:h17o:w
02 tGhMeTf-u0l5l:0v0iew of your screen, including the date
and time.
