WGU D343 Managing Cloud Security
Objective Assessment 2026/2027 –
Verified Q&As with Detailed Rationales
(Test Bank Bundle - 39 Questions)
---
*QUESTION 1:*
What is the primary goal of cloud security?
A) To protect data and systems in the cloud
B) To reduce cloud costs
C) To increase cloud speed
D) To eliminate cloud services
> 🎯 *CORRECT ANSWER:* A) To protect data and systems in the cloud
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Cloud security focuses on protection.
> * *Why Distractors Fail:* Cost, speed, and elimination are not goals.
> * *Core Takeaway:* Cloud security protects cloud resources.
---
*QUESTION 2:*
A cloud security manager is using the shared responsibility model. What does this mean?
A) Security responsibilities are shared between the cloud provider and customer
B) The cloud provider handles all security
,C) The customer handles all security
D) Security is not the responsibility of either party
> 🎯 *CORRECT ANSWER:* A) Security responsibilities are shared between the cloud provider and
customer
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* The shared responsibility model divides security duties.
> * *Why Distractors Fail:* All security by provider or customer, or none, are incorrect.
> * *Core Takeaway:* Security is a shared responsibility.
---
*QUESTION 3:*
In the shared responsibility model, the cloud provider is typically responsible for:
A) Security of the cloud infrastructure
B) Security of customer data
C) Security of customer applications
D) Security of customer configurations
> 🎯 *CORRECT ANSWER:* A) Security of the cloud infrastructure
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* The provider secures the infrastructure.
> * *Why Distractors Fail:* Data, applications, and configurations are customer responsibilities.
> * *Core Takeaway:* Provider secures infrastructure.
---
*QUESTION 4:*
A cloud security manager is using identity and access management (IAM). What is the purpose?
A) To control access to cloud resources
, B) To assign IP addresses
C) To resolve domain names
D) To filter traffic
> 🎯 *CORRECT ANSWER:* A) To control access to cloud resources
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* IAM controls access.
> * *Why Distractors Fail:* DHCP assigns IPs; DNS resolves names; firewalls filter traffic.
> * *Core Takeaway:* IAM controls access.
---
*QUESTION 5:*
A cloud security manager is using the principle of least privilege in IAM. This means:
A) Users have the minimum permissions needed
B) Users have all permissions
C) Users have no permissions
D) Users have maximum permissions
> 🎯 *CORRECT ANSWER:* A) Users have the minimum permissions needed
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Least privilege gives minimum permissions.
> * *Why Distractors Fail:* All permissions, no permissions, and maximum are not least privilege.
> * *Core Takeaway:* Least privilege gives minimum permissions.
---
*QUESTION 6:*
A cloud security manager is using role-based access control (RBAC). This is based on:
Objective Assessment 2026/2027 –
Verified Q&As with Detailed Rationales
(Test Bank Bundle - 39 Questions)
---
*QUESTION 1:*
What is the primary goal of cloud security?
A) To protect data and systems in the cloud
B) To reduce cloud costs
C) To increase cloud speed
D) To eliminate cloud services
> 🎯 *CORRECT ANSWER:* A) To protect data and systems in the cloud
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Cloud security focuses on protection.
> * *Why Distractors Fail:* Cost, speed, and elimination are not goals.
> * *Core Takeaway:* Cloud security protects cloud resources.
---
*QUESTION 2:*
A cloud security manager is using the shared responsibility model. What does this mean?
A) Security responsibilities are shared between the cloud provider and customer
B) The cloud provider handles all security
,C) The customer handles all security
D) Security is not the responsibility of either party
> 🎯 *CORRECT ANSWER:* A) Security responsibilities are shared between the cloud provider and
customer
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* The shared responsibility model divides security duties.
> * *Why Distractors Fail:* All security by provider or customer, or none, are incorrect.
> * *Core Takeaway:* Security is a shared responsibility.
---
*QUESTION 3:*
In the shared responsibility model, the cloud provider is typically responsible for:
A) Security of the cloud infrastructure
B) Security of customer data
C) Security of customer applications
D) Security of customer configurations
> 🎯 *CORRECT ANSWER:* A) Security of the cloud infrastructure
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* The provider secures the infrastructure.
> * *Why Distractors Fail:* Data, applications, and configurations are customer responsibilities.
> * *Core Takeaway:* Provider secures infrastructure.
---
*QUESTION 4:*
A cloud security manager is using identity and access management (IAM). What is the purpose?
A) To control access to cloud resources
, B) To assign IP addresses
C) To resolve domain names
D) To filter traffic
> 🎯 *CORRECT ANSWER:* A) To control access to cloud resources
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* IAM controls access.
> * *Why Distractors Fail:* DHCP assigns IPs; DNS resolves names; firewalls filter traffic.
> * *Core Takeaway:* IAM controls access.
---
*QUESTION 5:*
A cloud security manager is using the principle of least privilege in IAM. This means:
A) Users have the minimum permissions needed
B) Users have all permissions
C) Users have no permissions
D) Users have maximum permissions
> 🎯 *CORRECT ANSWER:* A) Users have the minimum permissions needed
> 💡 *CLINICAL RATIONALE:*
> * *Why It's Right:* Least privilege gives minimum permissions.
> * *Why Distractors Fail:* All permissions, no permissions, and maximum are not least privilege.
> * *Core Takeaway:* Least privilege gives minimum permissions.
---
*QUESTION 6:*
A cloud security manager is using role-based access control (RBAC). This is based on: