Page 1 of 18
WGU D320 – Managing Cloud Security (2026) | Verified CCSP
Exam Prep Questions & Complete Study Guide
Who is ultimately legally liable for any loss of data even in the case of negligence or
malice? - ANSWER-Cloud Customers are legally responsible for what?
This is considered an asset? - ANSWER-Data is considered what?
What are the phases of the Data Life Cycle? - ANSWER-What process do these
ordered steps constitute?
1. Create
2. Store
3. Use
4. Share
5. Archive
6. Destroy
Who is responsible for data Categorization and Classification during the Creation
Phase? - ANSWER-What is the primary responsibility of the Data Owner
What is the preferred upload method to the Cloud during the Store Phase? -
ANSWER-What are IPSec and TLS 1.2 (or higher version) VPNs used for?
What is the recommended "Don't" of crypto key storage? - ANSWER-Do not store
crypto keys with the cloud provider whether or not the cloud customer chooses to
use a CASB.
, Page 2 of 18
What do Regulators do? - ANSWER-Who arranges Cloud Services?
What is the role of Transference in addressing risks? - ANSWER-What is one of the
main methods of addressing risks?
what does Critique fall under for copyrighted material? - ANSWER-What is the "fair-
use" exception for copyrighted material?
What is Anonymization in terms of cloud storage? - ANSWER-What is the technique
used to obscure data stored in the cloud?
What 3 risks are associated with IaaS (Infrastructure as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
1. Personnel Threats
2. External Threats
3. Lack of Specific Skillsets
What 4 risks are associated with PaaS (Platform as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
1. Interoperability Issues
2. Persistent Backdoors
3. Virtualization
4. Resource Sharing
What 3 risks are associated with SaaS (Software as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
, Page 3 of 18
1. Proprietary Formats
2. Virtualization
3. Web Application Security
What kind of concern do New Dependencies introduce? - ANSWER-What is a
potential emergent business impact analysis (BIA) Concern?
What are the three kinds of Audits? - ANSWER-What are these forms of?
1. Internal
2. External
3. Audit Preparation
Who performs Internal Audits? - ANSWER-What kind of audit is performed by
employees of the organization?
Who performs External Audits? - ANSWER-What kind of audit is performed by
individuals outside of the organization?
What is Audit Preparation? - ANSWER-What discusses and negotiates parameters of
an audit prior to its start?
What are the type of SOC Reports? - ANSWER-What are the following items types of?
1. SOC 1
2. SOC 2
WGU D320 – Managing Cloud Security (2026) | Verified CCSP
Exam Prep Questions & Complete Study Guide
Who is ultimately legally liable for any loss of data even in the case of negligence or
malice? - ANSWER-Cloud Customers are legally responsible for what?
This is considered an asset? - ANSWER-Data is considered what?
What are the phases of the Data Life Cycle? - ANSWER-What process do these
ordered steps constitute?
1. Create
2. Store
3. Use
4. Share
5. Archive
6. Destroy
Who is responsible for data Categorization and Classification during the Creation
Phase? - ANSWER-What is the primary responsibility of the Data Owner
What is the preferred upload method to the Cloud during the Store Phase? -
ANSWER-What are IPSec and TLS 1.2 (or higher version) VPNs used for?
What is the recommended "Don't" of crypto key storage? - ANSWER-Do not store
crypto keys with the cloud provider whether or not the cloud customer chooses to
use a CASB.
, Page 2 of 18
What do Regulators do? - ANSWER-Who arranges Cloud Services?
What is the role of Transference in addressing risks? - ANSWER-What is one of the
main methods of addressing risks?
what does Critique fall under for copyrighted material? - ANSWER-What is the "fair-
use" exception for copyrighted material?
What is Anonymization in terms of cloud storage? - ANSWER-What is the technique
used to obscure data stored in the cloud?
What 3 risks are associated with IaaS (Infrastructure as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
1. Personnel Threats
2. External Threats
3. Lack of Specific Skillsets
What 4 risks are associated with PaaS (Platform as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
1. Interoperability Issues
2. Persistent Backdoors
3. Virtualization
4. Resource Sharing
What 3 risks are associated with SaaS (Software as a Service)? - ANSWER-What
Cloud Service Model is associated with the following risks?
, Page 3 of 18
1. Proprietary Formats
2. Virtualization
3. Web Application Security
What kind of concern do New Dependencies introduce? - ANSWER-What is a
potential emergent business impact analysis (BIA) Concern?
What are the three kinds of Audits? - ANSWER-What are these forms of?
1. Internal
2. External
3. Audit Preparation
Who performs Internal Audits? - ANSWER-What kind of audit is performed by
employees of the organization?
Who performs External Audits? - ANSWER-What kind of audit is performed by
individuals outside of the organization?
What is Audit Preparation? - ANSWER-What discusses and negotiates parameters of
an audit prior to its start?
What are the type of SOC Reports? - ANSWER-What are the following items types of?
1. SOC 1
2. SOC 2
