1
WGU
WGU PA D320 MANAGING CLOUD SECURITY REVIEW
(NEW 2024/ 2025 UPDATE) QS & AS| GRADE A|
100% CORRECT (VERIFIED ANSWERS)
Which storage architecture contains nodes that are logically connected rather
than physically connected?
Tightly coupled clusters
Data dispersion
Loosely coupled clusters
Archival storage - ANS ✓Loosely coupled clusters
Which purpose does an intrusion prevention system (IPS) serve when compared
to an intrusion detection system (IDS)?
An IPS detects and stops malicious traffic, while an IDS detects and alerts about
malicious traffic.
An IPS detects and alerts about malicious traffic, while an IDS detects and stops
malicious traffic.
An IDS tells an IPS what malicious traffic it detects, and then the IPS blocks that
traffic.
An IPS tells an IDS what malicious traffic it detects, and then the IDS blocks that
traf - ANS ✓An IPS detects and stops malicious traffic, while an IDS detects and
alerts about malicious traffic.
Which part of a network should a security information and event management
(SIEM) suite use to ensure network devices in a software-defined network are
properly forwarding traffic?
Data plane
Debug log
WGU PA D320
, 2
WGU
Error log
Control plane - ANS ✓Control plane
An analyst needs to scan hosts for misconfigurations and known security threats
that could lead to a security incident.
Which type of scanner will allow the analyst to check for these types of issues?
Protocol
Address
Port
Vulnerability - ANS ✓Vulnerability
An organization identified the need to improve the resiliency of a critical IT
service to ensure access for its customers.
Which information technology service management (ITSM) process should be
implemented to ensure the organization meets this goal?
Availability management
Capacity management
Incident management
Security management - ANS ✓Availability management
An organization lost connectivity to one of its data centers because of a power
outage.
What is used to measure the return to operational capability after the loss of
connectivity?
Recovery time objective (RTO)
Maximum tolerable downtime (MTD)
Recovery point objective (RPO)
WGU PA D320
, 3
WGU
Annualized loss expectancy (ALE) - ANS ✓Recovery time objective (RTO)
Which type of management focuses on arranging all the elements needed to
deploy new software, including QA testing and staging, before the software
enters active maintenance?
Availability management (AM)
Release management (RM)
Incident management (IM)
Problem management (PM) - ANS ✓Release management (RM)
A security analyst is tasked with collecting evidence related to a data breach
involving monetary theft.
Which action should the security analyst take when accessing the breached
system?
Create an unencrypted backup of all data
Create an encrypted backup of all data
Detail and replicate all activities taken
Document and record all activities taken - ANS ✓Document and record all
activities taken
During an investigation, government agents asked a security professional to
collect the records stored in a database and present them to the court.
Which process should the security professional use to identify and obtain that
information?
Electronic communication
Error correcting code (ECC) memory
Cyclic redundancy check (CRC)
Electronic discovery - ANS ✓Electronic discovery
WGU PA D320
WGU
WGU PA D320 MANAGING CLOUD SECURITY REVIEW
(NEW 2024/ 2025 UPDATE) QS & AS| GRADE A|
100% CORRECT (VERIFIED ANSWERS)
Which storage architecture contains nodes that are logically connected rather
than physically connected?
Tightly coupled clusters
Data dispersion
Loosely coupled clusters
Archival storage - ANS ✓Loosely coupled clusters
Which purpose does an intrusion prevention system (IPS) serve when compared
to an intrusion detection system (IDS)?
An IPS detects and stops malicious traffic, while an IDS detects and alerts about
malicious traffic.
An IPS detects and alerts about malicious traffic, while an IDS detects and stops
malicious traffic.
An IDS tells an IPS what malicious traffic it detects, and then the IPS blocks that
traffic.
An IPS tells an IDS what malicious traffic it detects, and then the IDS blocks that
traf - ANS ✓An IPS detects and stops malicious traffic, while an IDS detects and
alerts about malicious traffic.
Which part of a network should a security information and event management
(SIEM) suite use to ensure network devices in a software-defined network are
properly forwarding traffic?
Data plane
Debug log
WGU PA D320
, 2
WGU
Error log
Control plane - ANS ✓Control plane
An analyst needs to scan hosts for misconfigurations and known security threats
that could lead to a security incident.
Which type of scanner will allow the analyst to check for these types of issues?
Protocol
Address
Port
Vulnerability - ANS ✓Vulnerability
An organization identified the need to improve the resiliency of a critical IT
service to ensure access for its customers.
Which information technology service management (ITSM) process should be
implemented to ensure the organization meets this goal?
Availability management
Capacity management
Incident management
Security management - ANS ✓Availability management
An organization lost connectivity to one of its data centers because of a power
outage.
What is used to measure the return to operational capability after the loss of
connectivity?
Recovery time objective (RTO)
Maximum tolerable downtime (MTD)
Recovery point objective (RPO)
WGU PA D320
, 3
WGU
Annualized loss expectancy (ALE) - ANS ✓Recovery time objective (RTO)
Which type of management focuses on arranging all the elements needed to
deploy new software, including QA testing and staging, before the software
enters active maintenance?
Availability management (AM)
Release management (RM)
Incident management (IM)
Problem management (PM) - ANS ✓Release management (RM)
A security analyst is tasked with collecting evidence related to a data breach
involving monetary theft.
Which action should the security analyst take when accessing the breached
system?
Create an unencrypted backup of all data
Create an encrypted backup of all data
Detail and replicate all activities taken
Document and record all activities taken - ANS ✓Document and record all
activities taken
During an investigation, government agents asked a security professional to
collect the records stored in a database and present them to the court.
Which process should the security professional use to identify and obtain that
information?
Electronic communication
Error correcting code (ECC) memory
Cyclic redundancy check (CRC)
Electronic discovery - ANS ✓Electronic discovery
WGU PA D320
