WGU COURSE C838 - MANAGING CLOUD
SECURITY EXAM 2 QUESTIONS WITH 100%
Verified Correct ANSWERS LATEST 2025-26
GRADED A+
XaaS refers to the growing diversity of services available over the Internet via
cloud computing as opposed to being provided locally, or on-premises. - correct
answers Anything as a Service (XaaS)
An open -source cloud computing and infrastructure as a service (IaaS) platform
developed to help IaaS make creating, deploying, and managing cloud services
easier by providing a complete stack of features and components for cloud
environments. - correct answers Apache CloudStack
A subset of the organizational normative framework (ONF) that contains only the
information required for a specific business application to reach the targeted level
of trust. - correct answers Application Normative Framework (ANF)
A set of routines, standards, protocols, and tools for building software applications to
access a web-based software application or web tool. - correct answers
Application Programming Interfaces (APIs)
Software technology that encapsulates application software from the underlying
operating system (OS) on which it is executed. - correct answers Application
Virtualization
1|Page
,The act of identifying or verifying the eligibility of a station, originator, or
individual to access specific categories of information. Typically, a measure
designed to protect against fraudulent transmissions by establishing the validity of
a transmission, message, station, or originator. - correct answers
Authentication
Establishes identity by asking who you are and determining whether you are a
legitimate user. - correct answers Authentication
The granting of right of access to a user, program, or process. - correct answers
Authorization
Eliminating the risk that is simply too high and cannot be compensated for with
adequate control mechanism--a risk that exceeds the organization's appetite. -
correct answers Avoidance
Usually involves splitting up and storing encrypted information across different
cloud storage services. - correct answers Bit Splitting
3|Page
,A blank volume that the customer or user can put anything into and it might allow
more flexibility and higher performance. - correct answers Block storage
An exercise that determines the impact of losing the support of any resource to an
organization, establishes the escalation of that loss over time, identifies the
minimum resources needed to recover, and prioritizes the recovery of processes
and supporting systems. - correct answers Business Impact Analysis (BIA)
1 The identity of persons who handle evidence between the time of commission of
the alleged offense and the ultimate disposition of the case. It is the responsibility
of each transferee to ensure that the items are accounted for during the time they are
in his possession, that they are properly protected, and that there is a record of the
names of the persons from whom he received the items and to whom he delivered
those items, together with the time and date of such receipt and delivery.
2 The control over evidence. Lack of control over evidence can lead to its being
discredited completely. Chain of custody depends on being able to verify that
evidence could not have been tampered with. This is accomplished by sealing off
the evidence so that it cannot in any way be changed and providing a
documentary record of custody to prove that the evidence was at all times under
strict control and not subject to tampering. - correct answers Chain of Custody
5|Page
, Refers to a documentation that records all evidences need to be tracked and
monitored from the time they are recognized as evidence and acquired for that
purpose. - correct answers Chain of custody
A third-party entity offering independent identity and access management (IAM)
services to CSPs and cloud customers, often as an intermediary. - correct answers
Cloud Access Security Broker (CASB)
This individual is typically responsible for the implementation, monitoring, and
maintenance of the cloud within the organization or on behalf of an organization
(acting as a third party). - correct answers Cloud Administrator
Short for cloud application, cloud app is the phrase used to describe a software
application that is never installed on a local computer. Instead, it is accessed via
the Internet. - correct answers Cloud App (Cloud Application)
Typically responsible for adapting, porting, or deploying an application to a target
cloud environment. - correct answers Cloud Application Architect
7|Page
SECURITY EXAM 2 QUESTIONS WITH 100%
Verified Correct ANSWERS LATEST 2025-26
GRADED A+
XaaS refers to the growing diversity of services available over the Internet via
cloud computing as opposed to being provided locally, or on-premises. - correct
answers Anything as a Service (XaaS)
An open -source cloud computing and infrastructure as a service (IaaS) platform
developed to help IaaS make creating, deploying, and managing cloud services
easier by providing a complete stack of features and components for cloud
environments. - correct answers Apache CloudStack
A subset of the organizational normative framework (ONF) that contains only the
information required for a specific business application to reach the targeted level
of trust. - correct answers Application Normative Framework (ANF)
A set of routines, standards, protocols, and tools for building software applications to
access a web-based software application or web tool. - correct answers
Application Programming Interfaces (APIs)
Software technology that encapsulates application software from the underlying
operating system (OS) on which it is executed. - correct answers Application
Virtualization
1|Page
,The act of identifying or verifying the eligibility of a station, originator, or
individual to access specific categories of information. Typically, a measure
designed to protect against fraudulent transmissions by establishing the validity of
a transmission, message, station, or originator. - correct answers
Authentication
Establishes identity by asking who you are and determining whether you are a
legitimate user. - correct answers Authentication
The granting of right of access to a user, program, or process. - correct answers
Authorization
Eliminating the risk that is simply too high and cannot be compensated for with
adequate control mechanism--a risk that exceeds the organization's appetite. -
correct answers Avoidance
Usually involves splitting up and storing encrypted information across different
cloud storage services. - correct answers Bit Splitting
3|Page
,A blank volume that the customer or user can put anything into and it might allow
more flexibility and higher performance. - correct answers Block storage
An exercise that determines the impact of losing the support of any resource to an
organization, establishes the escalation of that loss over time, identifies the
minimum resources needed to recover, and prioritizes the recovery of processes
and supporting systems. - correct answers Business Impact Analysis (BIA)
1 The identity of persons who handle evidence between the time of commission of
the alleged offense and the ultimate disposition of the case. It is the responsibility
of each transferee to ensure that the items are accounted for during the time they are
in his possession, that they are properly protected, and that there is a record of the
names of the persons from whom he received the items and to whom he delivered
those items, together with the time and date of such receipt and delivery.
2 The control over evidence. Lack of control over evidence can lead to its being
discredited completely. Chain of custody depends on being able to verify that
evidence could not have been tampered with. This is accomplished by sealing off
the evidence so that it cannot in any way be changed and providing a
documentary record of custody to prove that the evidence was at all times under
strict control and not subject to tampering. - correct answers Chain of Custody
5|Page
, Refers to a documentation that records all evidences need to be tracked and
monitored from the time they are recognized as evidence and acquired for that
purpose. - correct answers Chain of custody
A third-party entity offering independent identity and access management (IAM)
services to CSPs and cloud customers, often as an intermediary. - correct answers
Cloud Access Security Broker (CASB)
This individual is typically responsible for the implementation, monitoring, and
maintenance of the cloud within the organization or on behalf of an organization
(acting as a third party). - correct answers Cloud Administrator
Short for cloud application, cloud app is the phrase used to describe a software
application that is never installed on a local computer. Instead, it is accessed via
the Internet. - correct answers Cloud App (Cloud Application)
Typically responsible for adapting, porting, or deploying an application to a target
cloud environment. - correct answers Cloud Application Architect
7|Page
