WGU D320/CCSP
The management plane is use to administer a cloud environment and perform administrative tasks
across a variety of systems, but most specifically it's used with the hypervisors.
What does the management plane typically leverage for this orchestration?
A. APIs
B. Scripts
C. TLS
D. XML ANS: The management plane uses APIs to execute remote calls across the cloud environment to
various management systems, especially hypervisors. This allows a centralized administrative interface,
often a web portal, to orchestrate tasks throughout an enterprise. Scripts may be utilized to execute API
calls, but they are not used directly to interact with systems. XML is used for data encoding and
transmission, but not for executing remote calls. TLS is used to encrypt communications and may be
used with API calls, but it is not the actual process for executing commands.
When dealing with PII, which category pertains to those requirements that can carry legal sanctions or
penalties for failure to adequately safeguard the data and address compliance requirements?
A. Contractual
B. Jurisdictional
C. Regulated
D. Legal ANS: Regulated PII pertains to data that is outlined in law and regulations. Violations of the
requirements for the protection of regulated PII can carry legal sanctions or penalties. Contractual PII
involves required data protection that is determined by the actual service contract between the cloud
provider and cloud customer, rather than outlined by law. Violations of the provisions of contractual PII
carry potential financial or contractual implications, but not legal sanctions. Legal and jurisdictional are
similar terms to regulated, but neither is the official term used.
,Although the united states does not have a single, comprehensive privacy and regulatory framework, a
number of specific regulations pertain to types of data or populations.
Which of the following is NOT a regulatory system from the United States federal government?
A. HIPAA
B. SOX
C. FISMA
D. PCI DSS ANS: The Payment Card Industry Data Security Standard (PCI DSS) pertains to organizations
that handle credit card transactions and is an industry-regulatory standard, not a governmental one. The
Sarbanes-Oxley Act (SOX) was passed in 2002 and pertains to financial records and reporting, as well as
transparency requirements for shareholders and other stakeholders. The Health Insurance and
Portability Act (HIPAA) was passed in 1996 and pertains to data privacy and security for medical records.
FISMA refers to the Federal Information Security Management Act of 2002 and pertains to the
protection of all US federal government IT systems, with the exception of national security systems.
The president of your company has tsked you with implementing cloud services as the most efficient
way of obtaining a robust disaster recovery configuration for your production services.
Which of the cloud deployment models would you MOST likely be exploring?
A. Hybrid
B. Private
C. Community
D. Public ANS: A hybrid cloud model spans two more different hosting configurations or cloud
providers. This would enable an organization to continue using its current hosting configuration, while
adding additional cloud services to enable disaster recovery capabilities. The other cloud deployment
models--public, private, and community--would not be applicable for seeking a disaster recovery
configuration where cloud services are to be leveraged for that purpose rather than production service
hosting.
,If you are running an application that has strict legal requirements that the data cannot reside on
systems that contain other applications or systems, which aspect of cloud computing would be
prohibitive in this case?
A. Multitenancy
B. Broad network access
C. Portability
D. Elasticity ANS: Multitenancy is the aspect of cloud computing that involves having multiple customers
and applications running within the same system and sharing the same resources. Although
considerable mechanisms are in place to ensure isolation and separation, the data and applications are
ultimately using shared resources. Broad network access refers to the ability to access cloud services
from any location or client. Portability refers to the ability to easily move cloud services between
different cloud providers, whereas elasticity refers to the capabilities of a cloud environment to add or
remove services, as needed, to meet current demand.
The REST API is a widely used standard for communications of web-based services between clients and
the servers hosting them.
Which protocol does the REST API depend on?
A. HTTP
B. SSH
C. SAML
D. XML ANS: Representational State Transfer (REST) is a software architectural scheme that applies the
components, connectors, and data conduits for many web applications used on the Internet. It uses and
relies on the HTTP protocol and supports a variety of data formats. Extensible Markup Language (XML)
and Security Assertion Markup Language (SAML) are both standards for exchanging encoded data
between two parties, with XML being for more general use and SAML focused on authentication and
authorization data. Secure Shell client (SSH) is a secure method for allowing remote login to systems
over a network.
Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?
, A. Modify data
B. Modify metadata
C. New data
D. Import data ANS: Modifying the metadata does not change the actual data. Although this initial
phase is called "create", it can also refer to modification. In essence, any time data is considered "new",
it is in the create phase. This can come from data that is newly created, data that is imported into a
system and is new to that system, or data that is already present and is modified into a new form or
value.
Most APIs will support a variety of different data formats or structures.
However, the SOAP API will only support which one of the following data formats?
A. XML
B. XSLT
C. JSON
D. SAML ANS: The Simple Object Access Protocol (SOAP) protocol only supports the Extensible Markup
Language (XML) data format. Although the other options are all data formats or data structures, they
are not supported by SOAP
Which cloud storage type is typically used to house virtual machine images that are used throughout the
environment?
A. Structured
B. Unstructured
C. Volume
D. Object ANS: Object storage is typically used to house virtual machine images because it is
independent from other systems and is focused solely on storage. It is also the most appropriate for
handling large individual files. Volume storage, because it is allocated to a specific host, would not be
The management plane is use to administer a cloud environment and perform administrative tasks
across a variety of systems, but most specifically it's used with the hypervisors.
What does the management plane typically leverage for this orchestration?
A. APIs
B. Scripts
C. TLS
D. XML ANS: The management plane uses APIs to execute remote calls across the cloud environment to
various management systems, especially hypervisors. This allows a centralized administrative interface,
often a web portal, to orchestrate tasks throughout an enterprise. Scripts may be utilized to execute API
calls, but they are not used directly to interact with systems. XML is used for data encoding and
transmission, but not for executing remote calls. TLS is used to encrypt communications and may be
used with API calls, but it is not the actual process for executing commands.
When dealing with PII, which category pertains to those requirements that can carry legal sanctions or
penalties for failure to adequately safeguard the data and address compliance requirements?
A. Contractual
B. Jurisdictional
C. Regulated
D. Legal ANS: Regulated PII pertains to data that is outlined in law and regulations. Violations of the
requirements for the protection of regulated PII can carry legal sanctions or penalties. Contractual PII
involves required data protection that is determined by the actual service contract between the cloud
provider and cloud customer, rather than outlined by law. Violations of the provisions of contractual PII
carry potential financial or contractual implications, but not legal sanctions. Legal and jurisdictional are
similar terms to regulated, but neither is the official term used.
,Although the united states does not have a single, comprehensive privacy and regulatory framework, a
number of specific regulations pertain to types of data or populations.
Which of the following is NOT a regulatory system from the United States federal government?
A. HIPAA
B. SOX
C. FISMA
D. PCI DSS ANS: The Payment Card Industry Data Security Standard (PCI DSS) pertains to organizations
that handle credit card transactions and is an industry-regulatory standard, not a governmental one. The
Sarbanes-Oxley Act (SOX) was passed in 2002 and pertains to financial records and reporting, as well as
transparency requirements for shareholders and other stakeholders. The Health Insurance and
Portability Act (HIPAA) was passed in 1996 and pertains to data privacy and security for medical records.
FISMA refers to the Federal Information Security Management Act of 2002 and pertains to the
protection of all US federal government IT systems, with the exception of national security systems.
The president of your company has tsked you with implementing cloud services as the most efficient
way of obtaining a robust disaster recovery configuration for your production services.
Which of the cloud deployment models would you MOST likely be exploring?
A. Hybrid
B. Private
C. Community
D. Public ANS: A hybrid cloud model spans two more different hosting configurations or cloud
providers. This would enable an organization to continue using its current hosting configuration, while
adding additional cloud services to enable disaster recovery capabilities. The other cloud deployment
models--public, private, and community--would not be applicable for seeking a disaster recovery
configuration where cloud services are to be leveraged for that purpose rather than production service
hosting.
,If you are running an application that has strict legal requirements that the data cannot reside on
systems that contain other applications or systems, which aspect of cloud computing would be
prohibitive in this case?
A. Multitenancy
B. Broad network access
C. Portability
D. Elasticity ANS: Multitenancy is the aspect of cloud computing that involves having multiple customers
and applications running within the same system and sharing the same resources. Although
considerable mechanisms are in place to ensure isolation and separation, the data and applications are
ultimately using shared resources. Broad network access refers to the ability to access cloud services
from any location or client. Portability refers to the ability to easily move cloud services between
different cloud providers, whereas elasticity refers to the capabilities of a cloud environment to add or
remove services, as needed, to meet current demand.
The REST API is a widely used standard for communications of web-based services between clients and
the servers hosting them.
Which protocol does the REST API depend on?
A. HTTP
B. SSH
C. SAML
D. XML ANS: Representational State Transfer (REST) is a software architectural scheme that applies the
components, connectors, and data conduits for many web applications used on the Internet. It uses and
relies on the HTTP protocol and supports a variety of data formats. Extensible Markup Language (XML)
and Security Assertion Markup Language (SAML) are both standards for exchanging encoded data
between two parties, with XML being for more general use and SAML focused on authentication and
authorization data. Secure Shell client (SSH) is a secure method for allowing remote login to systems
over a network.
Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?
, A. Modify data
B. Modify metadata
C. New data
D. Import data ANS: Modifying the metadata does not change the actual data. Although this initial
phase is called "create", it can also refer to modification. In essence, any time data is considered "new",
it is in the create phase. This can come from data that is newly created, data that is imported into a
system and is new to that system, or data that is already present and is modified into a new form or
value.
Most APIs will support a variety of different data formats or structures.
However, the SOAP API will only support which one of the following data formats?
A. XML
B. XSLT
C. JSON
D. SAML ANS: The Simple Object Access Protocol (SOAP) protocol only supports the Extensible Markup
Language (XML) data format. Although the other options are all data formats or data structures, they
are not supported by SOAP
Which cloud storage type is typically used to house virtual machine images that are used throughout the
environment?
A. Structured
B. Unstructured
C. Volume
D. Object ANS: Object storage is typically used to house virtual machine images because it is
independent from other systems and is focused solely on storage. It is also the most appropriate for
handling large individual files. Volume storage, because it is allocated to a specific host, would not be
