WGU: MANAGING CLOUD SECURITY
EXAM WITH COMPLETE SOLUTIONS
Infrastructure as a Service (IaaS) -ANSAllows the customer to install all software,
including operating systems (OSs) on hardware housed and connected by the cloud
vendor.
Platform as a Service (PaaS) -ANSContains everything included in IaaS, with the
addition of OSs. This model is especially useful for software development operations
(DevOps).
Software as a Service (SaaS) -ANSIncludes everything listed in the previous
Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models, with the
addition of software programs.
Encryption -ANSOffers a degree of assurance that nobody without authorization will be
able to access your data in a meaningful way.
Cloud Service Provider (CSP) -ANSProvides administrative assistance for the customer
and the customer's data and processing needs. Examples include Amazon Web
Services, Rackspace, and Microsoft's Azure.
Virtualization -ANSA process of creating a virtual version of something, including virtual
computer hardware platforms, operating systems, storage devices, and computer
network resources.
Vendor lock-in -ANSOccurs in a situation where a customer may be unable to leave,
migrate, or transfer to an alternate provider due to technical or non-technical
constraints.
Cloud provider -ANSA service provider that offers customer storage or software
solutions available via a public network, usually the Internet.
Cloud portability -ANSThe ability to move applications and associated data between
one cloud provider and another, or between legacy and cloud environments.
Cloud Access Security Broker (CASB) -ANSA third-party entity offering independent
identity and access management (IAM) services to CSPs and cloud customers, often as
an intermediary.
, We use what to determine the critical paths, processes, and assets of an organization?
-ANSBIA (The business impact analysis is designed to ascertain the value of the
organization's assets, and learn the critical paths and processes.)
If a cloud customer wants a bare-bones environment in which to replicate their own
enterprise for BC/DR purposes, which cloud service model would probably be best? -
ANSIaaS - IaaS offers what is basically a hot/warm DR site, with hardware, connectivity,
and utilities, allowing the customer to build out any kind of software configuration
(including choosing OSs).
If a service or solution does not meet all of the specified key characteristics listed below,
it is said to be not true cloud computing. Please select the valid cloud computing
characteristics out of the terms identified below. -ANSHere are the characteristics of
cloud computing:
Broad network access
Resource pooling
Measured service
On demand self-service
Rapid expansion
The risk that a cloud provider might go out of business and the cloud customer might
not be able to recover data is known as: -ANSVendor lock-out
Cloud Access Security Brokers (CASBs) might offer all the following services except: -
ANSBC/DR/COOP (CASBs don't usually offer BC/DR/COOP services; that's something
offered by cloud providers.)
Mitigation -ANSA process of taking steps to decrease the likelihood or the impact of the
risk.
Transference -ANSA risk management strategy that involves the contractual shifting of
a risk from one organization to another.
Layered defenses -ANSThe practice of having multiple overlapping means of securing
the environment with a variety of methods.
Risk appetite -ANSRefers to the level, amount, or type of risk that the organization finds
acceptable.
Avoidance -ANSEliminating the risk that is simply too high and cannot be compensated
for with adequate control mechanism.
IaaS boundaries -ANSThe cloud provider creates and administers the hardware assets
on which the customer's programs and data will ride.
EXAM WITH COMPLETE SOLUTIONS
Infrastructure as a Service (IaaS) -ANSAllows the customer to install all software,
including operating systems (OSs) on hardware housed and connected by the cloud
vendor.
Platform as a Service (PaaS) -ANSContains everything included in IaaS, with the
addition of OSs. This model is especially useful for software development operations
(DevOps).
Software as a Service (SaaS) -ANSIncludes everything listed in the previous
Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models, with the
addition of software programs.
Encryption -ANSOffers a degree of assurance that nobody without authorization will be
able to access your data in a meaningful way.
Cloud Service Provider (CSP) -ANSProvides administrative assistance for the customer
and the customer's data and processing needs. Examples include Amazon Web
Services, Rackspace, and Microsoft's Azure.
Virtualization -ANSA process of creating a virtual version of something, including virtual
computer hardware platforms, operating systems, storage devices, and computer
network resources.
Vendor lock-in -ANSOccurs in a situation where a customer may be unable to leave,
migrate, or transfer to an alternate provider due to technical or non-technical
constraints.
Cloud provider -ANSA service provider that offers customer storage or software
solutions available via a public network, usually the Internet.
Cloud portability -ANSThe ability to move applications and associated data between
one cloud provider and another, or between legacy and cloud environments.
Cloud Access Security Broker (CASB) -ANSA third-party entity offering independent
identity and access management (IAM) services to CSPs and cloud customers, often as
an intermediary.
, We use what to determine the critical paths, processes, and assets of an organization?
-ANSBIA (The business impact analysis is designed to ascertain the value of the
organization's assets, and learn the critical paths and processes.)
If a cloud customer wants a bare-bones environment in which to replicate their own
enterprise for BC/DR purposes, which cloud service model would probably be best? -
ANSIaaS - IaaS offers what is basically a hot/warm DR site, with hardware, connectivity,
and utilities, allowing the customer to build out any kind of software configuration
(including choosing OSs).
If a service or solution does not meet all of the specified key characteristics listed below,
it is said to be not true cloud computing. Please select the valid cloud computing
characteristics out of the terms identified below. -ANSHere are the characteristics of
cloud computing:
Broad network access
Resource pooling
Measured service
On demand self-service
Rapid expansion
The risk that a cloud provider might go out of business and the cloud customer might
not be able to recover data is known as: -ANSVendor lock-out
Cloud Access Security Brokers (CASBs) might offer all the following services except: -
ANSBC/DR/COOP (CASBs don't usually offer BC/DR/COOP services; that's something
offered by cloud providers.)
Mitigation -ANSA process of taking steps to decrease the likelihood or the impact of the
risk.
Transference -ANSA risk management strategy that involves the contractual shifting of
a risk from one organization to another.
Layered defenses -ANSThe practice of having multiple overlapping means of securing
the environment with a variety of methods.
Risk appetite -ANSRefers to the level, amount, or type of risk that the organization finds
acceptable.
Avoidance -ANSEliminating the risk that is simply too high and cannot be compensated
for with adequate control mechanism.
IaaS boundaries -ANSThe cloud provider creates and administers the hardware assets
on which the customer's programs and data will ride.
