WGU COURSE C838 - MANAGING CLOUD
SECURITY EXAM 1000+ QUESTIONS WITH
ANSWERS LATEST 2025 A+ GRADED
Usage and administration of cloud services ought to be transparent to cloud
customers and users; from their perspective, a digital data service is paid for and
can be used, with very little additional input other than what is necessary to
perform their duties. - correct answers Simplicity
The organization's computing needs won't remain static: there will be new (and
hopefully more) users, customers, and data as the organization continually matures.
- correct answers Scalability
-Allows the customer to install all software, including operating systems (OSs) on
hardware housed and connected by the cloud vendor. - correct answers IaaS
-Contains everything included in IaaS, with the addition of OSs.
-The vendor is responsible for patching, administering, and updating the OS as
necessary, and the customer can install any software they deem useful.
-This model is especially useful for software development operations (DevOps)
217 | P a g e
,-Some examples include systems already loaded with a hardened operating system
such as Windows Server or Linux. - correct answers PaaS
-Includes everything listed in the previous two models, with the addition of
software programs.
-The cloud vendor is responsible for administering, patching, and updating this
software as well
-Some examples include: Google Docs, Microsoft's Office 365, QuickBooks Online,
and Customer Relationship Manager (CRM) software - correct answers SaaS
Owned by a single organization and is implemented on a cloud-based secure
environment protected by a firewall - correct answers Private Cloud
Integrated arrangement of two or more cloud servers - correct answers
Hybrid Cloud
218 | P a g e
,Multi-tenant setup shared between organizations that belong to a specific group -
correct answers Community Cloud
Delivers cloud services over a network that is open for free usage - correct
answers Public Cloud
We determine a value for every asset (usually in terms of dollars), what it would
cost the organization if we lost that asset (either temporarily or permanently),
what it would cost to replace or repair that asset, and any alternate methods for
dealing with that loss. - correct answers Business Impact Analysis (BIA)
Denotes those aspects of the organization without which the organization could not
operate or exist. These could include tangible assets, intangible assets, specific
business processes, data pathways, or even key personnel. - correct answers
Criticality
The opposite of avoidance; the risk falls within the organization's risk appetite, so
the organization continues operations without any additional efforts regarding the
risk. - correct answers Acceptance
219 | P a g e
, The organization pays someone else to accept the risk, at a lower cost than the
potential impact that would result from the risk being realized; this is usually in
the form of INSURANCE. - correct answers Transferance
The provider is responsible for connectivity and power and the customer is in
charge for the installation of software. - correct answers IaaS
The provider is responsible for updates and administration of the OS and the
customer monitors and reviews software events. - correct answers PaaS
The provider is responsible for system maintenance and the customer supplies and
processes data to and in the system. - correct answers SaaS
-All guest accounts are removed
-No default passwords remain
-Systems are patched, maintained, and updated according to vendor guidance
-All unused ports are closed
-Physical access is severely limited and controlled - correct answers Ways for
securing devices in the datacenter
220 | P a g e
SECURITY EXAM 1000+ QUESTIONS WITH
ANSWERS LATEST 2025 A+ GRADED
Usage and administration of cloud services ought to be transparent to cloud
customers and users; from their perspective, a digital data service is paid for and
can be used, with very little additional input other than what is necessary to
perform their duties. - correct answers Simplicity
The organization's computing needs won't remain static: there will be new (and
hopefully more) users, customers, and data as the organization continually matures.
- correct answers Scalability
-Allows the customer to install all software, including operating systems (OSs) on
hardware housed and connected by the cloud vendor. - correct answers IaaS
-Contains everything included in IaaS, with the addition of OSs.
-The vendor is responsible for patching, administering, and updating the OS as
necessary, and the customer can install any software they deem useful.
-This model is especially useful for software development operations (DevOps)
217 | P a g e
,-Some examples include systems already loaded with a hardened operating system
such as Windows Server or Linux. - correct answers PaaS
-Includes everything listed in the previous two models, with the addition of
software programs.
-The cloud vendor is responsible for administering, patching, and updating this
software as well
-Some examples include: Google Docs, Microsoft's Office 365, QuickBooks Online,
and Customer Relationship Manager (CRM) software - correct answers SaaS
Owned by a single organization and is implemented on a cloud-based secure
environment protected by a firewall - correct answers Private Cloud
Integrated arrangement of two or more cloud servers - correct answers
Hybrid Cloud
218 | P a g e
,Multi-tenant setup shared between organizations that belong to a specific group -
correct answers Community Cloud
Delivers cloud services over a network that is open for free usage - correct
answers Public Cloud
We determine a value for every asset (usually in terms of dollars), what it would
cost the organization if we lost that asset (either temporarily or permanently),
what it would cost to replace or repair that asset, and any alternate methods for
dealing with that loss. - correct answers Business Impact Analysis (BIA)
Denotes those aspects of the organization without which the organization could not
operate or exist. These could include tangible assets, intangible assets, specific
business processes, data pathways, or even key personnel. - correct answers
Criticality
The opposite of avoidance; the risk falls within the organization's risk appetite, so
the organization continues operations without any additional efforts regarding the
risk. - correct answers Acceptance
219 | P a g e
, The organization pays someone else to accept the risk, at a lower cost than the
potential impact that would result from the risk being realized; this is usually in
the form of INSURANCE. - correct answers Transferance
The provider is responsible for connectivity and power and the customer is in
charge for the installation of software. - correct answers IaaS
The provider is responsible for updates and administration of the OS and the
customer monitors and reviews software events. - correct answers PaaS
The provider is responsible for system maintenance and the customer supplies and
processes data to and in the system. - correct answers SaaS
-All guest accounts are removed
-No default passwords remain
-Systems are patched, maintained, and updated according to vendor guidance
-All unused ports are closed
-Physical access is severely limited and controlled - correct answers Ways for
securing devices in the datacenter
220 | P a g e
