WGU - D320 EXAM QUESTIONS AND 100% CORRECT
ANSWERS NEW!!
1: Deploys Secure Solutions
What technology should be deployed to securely connect on-premise enterprise
systems with a cloud platform - ANSWER A. Domain Name System Security Extensions
(DNSSEC)
B. Internet Protocol Security (IPSec) VPN
C. Web Application Firewall (WAF)
D. Data Loss Prevention (DLP)
Correct Answer: B. Internet Protocol Security (IPSec) VPN
Explanation:
• IPSec VPN is designed to provide security for communication over an IP network.
Encryption of the whole IP packet is performed for its secure transmission between
on-site systems and cloud platforms, ensuring the integrity and confidentiality of data.
• DNSSEC provides integrity but does not offer any means for secure communications
between systems regarding DNS responses.
• WAF is used for web application protection by filtering and monitoring HTTP traffic, not
for secure system communications.
• DLP can prevent data breaches by monitoring and controlling data flows but does not
establish secure communication channels.
2: Implements Operations
Which of the following phases of the cloud data lifecycle would most likely overlap with
the 'Create' phase in terms of implementing security controls - ANSWER A. Share
B. Store
C. Use
D. Destroy
Correct Answer: B. Store
,Explanation:
• Store is most often running over from the Create phase since just about as soon as
data is created, it generally has to be stored securely. The security controls - encryption
for example - should occur at this stage.
• Share and Use happens after the storage of data.
• Destroy is the very last step of the life cycle, as it occurs in general after the data isn't
needed any longer.
3: Performs Risk Management
Which risk management approach involves completely eliminating a risk because it
exceeds the organization's risk appetite - ANSWER A. Mitigation
B. Avoidance
C. Transfer
D. Acceptance
Correct Answer: B. Avoidance
Explanation:
• Avoidance involves eliminating the risk entirely, typically when the potential impact is
too great or when controls cannot adequately reduce the risk to an acceptable level.
• Mitigation involves reducing the risk to an acceptable level.
• Transfer refers to the passing on the risk to any third party, for instance, via insurance.
• Acceptance refers to recognizing the presence of the risk and to accept to exist with it
without carrying out any more actions.
4: Identifies Legal, Compliance, and Ethical Concerns
What U.S. law is solely concerned with the privacy of financial information - ANSWER
A. Health Insurance Portability and Accountability Act (HIPAA)
B. Sarbanes-Oxley Act (SOX)
C. Gramm-Leach-Bliley Act (GLBA)
D. Safe Harbor
Correct Answer: C. Gramm-Leach-Bliley Act (GLBA)
,Explanation:
• GLBA was designed to protect consumer financial privacy by placing regulations for
the handling of private data by financial institutions.
• HIPAA is focused on healthcare information.
• SOX is concerned with corporate financial practices and reporting.
• Safe Harbor was an agreement between the US and EU for data transfers, not
specifically financial privacy.
1: Implements Secure Solutions
Which technology is most effective to prevent unauthorized access to sensitive data by
ensuring it is unreadable without proper decryption keys - ANSWER A. Data Masking
B. Tokenization
C. Encryption
D. Obfuscation
Correct Answer: C. Encryption
Explanations: Encryption changes readable data into unreadable form using
cryptographic algorithms that unauthorized users cannot access. Tokenization and data
masking are also methods of securing data, but they do not offer the same level of
security as encryption. Obfuscation is the process of making data more
incomprehensible but is not intended to prevent access.
2: Performs Operations
Which of the following activities is critical during the Secure Operations phase of the
Software Development Lifecycle (SDLC) - ANSWER A. Static Analysis
B. Code Review
C. Dynamic Analysis
D. Acceptance Testing
Correct Answer: C. Dynamic Analysis
This is because Dynamic Analysis involves the actual testing of the software in a runtime
environment, where security vulnerabilities that might be invisible during static testing
show up. Static Analysis and Code Review are performed way ahead in the SDLC line,
, while Acceptance Testing takes place following secure operations, to assess whether
the system meets the laid-out specifications.
3: Performs Risk Management
The transfer of risk to a third party in the event is known as an approach of handling risk
through - Insurance. A. Risk Mitigation
B. Risk Avoidance
C. Risk Transference
D. Risk Acceptance
Correct Answer: C. Risk Transference
Explanation: Risk Transference involves transferring the risk consequences to a third
party via insurance or outsourcing of activities. Mitigation involves reducing the risk,
Avoidance involves elimination of the risk, and Acceptance is recognition and
acceptance of the risk without any further action.
4: Identifies Legal, Compliance, and Ethical Concerns
Which U.S. law focuses specifically on the protection of personal health information -
ANSWER A. Sarbanes-Oxley Act (SOX)
B. Health Insurance Portability and Accountability Act (HIPAA)
C. Gramm-Leach-Bliley Act (GLBA)
D. Federal Information Security Management Act (FISMA)
Correct Answer: B. Health Insurance Portability and Accountability Act (HIPAA)
Explanation: HIPAA supplies standards for the protection of personal health
information. SOX relates to corporate financial practices, GLBA addresses financial
privacy, and FISMA covers federal information security management.
5: Applies Secure Solutions
Which cloud service model requires the customer to manage the security of the
operating system, applications, and data - ANSWER A. Software as a Service (SaaS)
B. Platform as a Service (PaaS)
C. Infrastructure as a Service (IaaS)
ANSWERS NEW!!
1: Deploys Secure Solutions
What technology should be deployed to securely connect on-premise enterprise
systems with a cloud platform - ANSWER A. Domain Name System Security Extensions
(DNSSEC)
B. Internet Protocol Security (IPSec) VPN
C. Web Application Firewall (WAF)
D. Data Loss Prevention (DLP)
Correct Answer: B. Internet Protocol Security (IPSec) VPN
Explanation:
• IPSec VPN is designed to provide security for communication over an IP network.
Encryption of the whole IP packet is performed for its secure transmission between
on-site systems and cloud platforms, ensuring the integrity and confidentiality of data.
• DNSSEC provides integrity but does not offer any means for secure communications
between systems regarding DNS responses.
• WAF is used for web application protection by filtering and monitoring HTTP traffic, not
for secure system communications.
• DLP can prevent data breaches by monitoring and controlling data flows but does not
establish secure communication channels.
2: Implements Operations
Which of the following phases of the cloud data lifecycle would most likely overlap with
the 'Create' phase in terms of implementing security controls - ANSWER A. Share
B. Store
C. Use
D. Destroy
Correct Answer: B. Store
,Explanation:
• Store is most often running over from the Create phase since just about as soon as
data is created, it generally has to be stored securely. The security controls - encryption
for example - should occur at this stage.
• Share and Use happens after the storage of data.
• Destroy is the very last step of the life cycle, as it occurs in general after the data isn't
needed any longer.
3: Performs Risk Management
Which risk management approach involves completely eliminating a risk because it
exceeds the organization's risk appetite - ANSWER A. Mitigation
B. Avoidance
C. Transfer
D. Acceptance
Correct Answer: B. Avoidance
Explanation:
• Avoidance involves eliminating the risk entirely, typically when the potential impact is
too great or when controls cannot adequately reduce the risk to an acceptable level.
• Mitigation involves reducing the risk to an acceptable level.
• Transfer refers to the passing on the risk to any third party, for instance, via insurance.
• Acceptance refers to recognizing the presence of the risk and to accept to exist with it
without carrying out any more actions.
4: Identifies Legal, Compliance, and Ethical Concerns
What U.S. law is solely concerned with the privacy of financial information - ANSWER
A. Health Insurance Portability and Accountability Act (HIPAA)
B. Sarbanes-Oxley Act (SOX)
C. Gramm-Leach-Bliley Act (GLBA)
D. Safe Harbor
Correct Answer: C. Gramm-Leach-Bliley Act (GLBA)
,Explanation:
• GLBA was designed to protect consumer financial privacy by placing regulations for
the handling of private data by financial institutions.
• HIPAA is focused on healthcare information.
• SOX is concerned with corporate financial practices and reporting.
• Safe Harbor was an agreement between the US and EU for data transfers, not
specifically financial privacy.
1: Implements Secure Solutions
Which technology is most effective to prevent unauthorized access to sensitive data by
ensuring it is unreadable without proper decryption keys - ANSWER A. Data Masking
B. Tokenization
C. Encryption
D. Obfuscation
Correct Answer: C. Encryption
Explanations: Encryption changes readable data into unreadable form using
cryptographic algorithms that unauthorized users cannot access. Tokenization and data
masking are also methods of securing data, but they do not offer the same level of
security as encryption. Obfuscation is the process of making data more
incomprehensible but is not intended to prevent access.
2: Performs Operations
Which of the following activities is critical during the Secure Operations phase of the
Software Development Lifecycle (SDLC) - ANSWER A. Static Analysis
B. Code Review
C. Dynamic Analysis
D. Acceptance Testing
Correct Answer: C. Dynamic Analysis
This is because Dynamic Analysis involves the actual testing of the software in a runtime
environment, where security vulnerabilities that might be invisible during static testing
show up. Static Analysis and Code Review are performed way ahead in the SDLC line,
, while Acceptance Testing takes place following secure operations, to assess whether
the system meets the laid-out specifications.
3: Performs Risk Management
The transfer of risk to a third party in the event is known as an approach of handling risk
through - Insurance. A. Risk Mitigation
B. Risk Avoidance
C. Risk Transference
D. Risk Acceptance
Correct Answer: C. Risk Transference
Explanation: Risk Transference involves transferring the risk consequences to a third
party via insurance or outsourcing of activities. Mitigation involves reducing the risk,
Avoidance involves elimination of the risk, and Acceptance is recognition and
acceptance of the risk without any further action.
4: Identifies Legal, Compliance, and Ethical Concerns
Which U.S. law focuses specifically on the protection of personal health information -
ANSWER A. Sarbanes-Oxley Act (SOX)
B. Health Insurance Portability and Accountability Act (HIPAA)
C. Gramm-Leach-Bliley Act (GLBA)
D. Federal Information Security Management Act (FISMA)
Correct Answer: B. Health Insurance Portability and Accountability Act (HIPAA)
Explanation: HIPAA supplies standards for the protection of personal health
information. SOX relates to corporate financial practices, GLBA addresses financial
privacy, and FISMA covers federal information security management.
5: Applies Secure Solutions
Which cloud service model requires the customer to manage the security of the
operating system, applications, and data - ANSWER A. Software as a Service (SaaS)
B. Platform as a Service (PaaS)
C. Infrastructure as a Service (IaaS)