WGU C638 MANAGING CLOUD SECURITY FINAL EXAM OA 100 QUESTIONS AND CORRECT DETAILED ANSWERS A+ GRADED LATEST VERSION 2023-2024
1. You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider's data center. One of the challenges you're facing is whether the cloud provider will be able to comply with the existing legislative and contractual frameworks your organization is required to follow. This is a _________ issue.
a. Resiliency
b. Privacy
c. Performance
d. Regulatory - ANSWER- D
2. You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider's data center. One of the challenges you're facing is whether the cloud provider will be able to allow your organization to substantiate and determine with some assurance that all of the contract terms are being met. This is a(n) ____________ issue.
a. Regulatory
b. Privacy
c. Resiliency
d. Auditability - ANSWER- D
3. Encryption is an essential tool for affording security to cloud-based operations. While it is possible to encrypt every system, piece of data, and transaction that takes place on the cloud, why might that not be the optimum choice for an organization?
a. Key length variances don't provide any actual additional security.
b. It would cause additional processing overhead and time delay.
c. It might result in vendor lockout.
d. The data subjects might be upset by this. - ANSWER- B
4. Encryption is an essential tool for affording security to cloud-based operations. While it is possible to encrypt every system, piece of data, and transaction that takes place on the cloud, why might that not be the optimum choice for an organization?
a. It could increase the possibility of physical theft.
b. Encryption won't work throughout the environment.
c. The protection might be disproportionate to the value of the asset(s).
d. Users will be able to see everything within the organization. - ANSWER- C
5. Which of the following is not an element of the identification component of identity and access management (IAM)?
a. Provisioning
b. Management
c. Discretion
d. Deprovisioning - ANSWER- C
6. Which of the following entities is most likely to play a vital role in the identity provisioning aspect of a user's experience in an organization?
a. The accounting department
b. The human resources (HR) office
c. The maintenance team
d. The purchasing office - ANSWER- B
7. Why is the deprovisioning element of the identification component of identity and access management (IAM) so important?
a. Extra accounts cost so much extra money.
b. Open but unassigned accounts are vulnerabilities.
c. User tracking is essential to performance.
d. Encryption has to be maintained. - ANSWER- B
8. All of the following are reasons to perform review and maintenance actions on user accounts except ____________.
a. To determine whether the user still needs the same access
b. To determine whether the user is still with the organization
c. To determine whether the data set is still applicable to the user's role
d. To determine whether the user is still performing well - ANSWER- D
9. Who should be involved in review and maintenance of user accounts/access?
a. The user's manager
b. The security manager
c. The accounting department
d. The incident response team - ANSWER- A
10. Which of the following protocols is most applicable to the identification process aspect of identity and access management (IAM)?
a. Secure Sockets Layer (SSL)
b. Internet Protocol security (IPsec)
c. Lightweight Directory Access Protocol (LDAP)
d. Amorphous ancillary data transmission (AADT) - ANSWER- C
11. Privileged user (administrators, managers, and so forth) accounts need to be reviewed more closely than basic user accounts. Why is this?
a. Privileged users have more encryption keys.
b. Regular users are more trustworthy.
c. There are extra controls on privileged user accounts.
d. Privileged users can cause more damage to the organization. - ANSWER- D
12. The additional review activities that might be performed for privileged user accounts could include all of the following except _____________.
a. Deeper personnel background checks
b. Review of personal financial accounts for privileged users
c. More frequent reviews of the necessity for access
d. Pat-down checks of privileged users to deter against physical theft - ANSWER- D
13. If personal financial account reviews are performed as an additional review control for privileged users, which of the following characteristics is least likely to be a useful indicator for review purposes?
a. Too much money in the account
b. Too little money in the account
c. The bank branch being used by the privileged user
d. Specific senders/recipients - ANSWER- C
14. How often should the accounts of privileged users be reviewed?
a. Annually
b. Twice a year
c. Monthly
d. More often than regular user account reviews - ANSWER- D
15. Privileged user account access should be __________.
a. Temporary
b. Pervasive
c. Thorough
d. Granular - ANSWER- A
16. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA's Notorious Nine list, data breaches can be ____________.
a. Overt or covert
b. International or subterranean
c. From internal or external sources
d. Voluminous or specific - ANSWER- C
17. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, an organization that operates in the cloud environment and suffers a data breach may be required to __________.
a. Notify affected users
b. Reapply for cloud service
c. Scrub all affected physical memory
d. Change regulatory frameworks - ANSWER- A
18. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, an organization that suffers a data breach might suffer all of the following negative effects except __________.
a. Cost of compliance with notification laws
b. Loss of public perception/goodwill
c. Loss of market share
d. Cost of detection - ANSWER- D
19. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, in the event of a data breach, a cloud customer will likely need to comply with all the following data breach notification requirements except ____________.
a. Multiple state laws
b. Contractual notification requirements
c. All standards-based notification schemes
d. Any applicable federal regulations - ANSWER- C
20. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, data loss can be suffered as a result of ____________ activity.
a. Malicious or inadvertent
b. Casual or explicit
c. Web-based or stand-alone