WGU C838 OA EXAM QUESTIONS WITH 100% CORRECT ANSWERS/A+ GRADE
A business is concerned about the usage of its third-party provided, leased cloud
resources. Which audit process should be used to investigate this concern? -
✔✔Review traffic logs for the leased cloud resources
A cloud administrator recommends using tokenization as an alternative to
protecting data without encryption. The administrator needs to make an
authorized application request to access the data. Which step should occur
immediately before this action is taken? - ✔✔The application stores the token
A cloud customer is setting up communication paths with the cloud service
provider that will be used in the event of an incident. Which action facilitates
this type of communication? - ✔✔Using existing open standards
A company has recently defined classification levels for its data. During which
phase of the cloud data life cycle should this definition occur? - ✔✔Create
A CSP operating in Australia experiences a security breach that results in
disclosure of personal information that is likely to result in serious harm. Who is
the CSP legally required to notify? - ✔✔Information commisioner
A CSP provides services in European Union (EU) countries that are subject to the
network information security (NIS) directive. The CSP experiences an incident
that significantly affects the continuity of the essential services being provided.
Who is the CSP required to notify under the NIS directive? - ✔✔Competent
authorities
, A security analyst is investigating an incident of access to a resource from an
unauthorized location. Which data source should the security analyst use to
investigate the incident? - ✔✔Packet capture file
A top-down approach for addressing and managing risk in an organization is
what? - ✔✔Information security management system (ISMS)
Adding or replacing characters to protect information is what? - ✔✔Masking
An architect needs to constrain problems to a level that can be controlled when
the problem exceeds the capabilities of disaster recovery (DR) controls. Which
aspect of the plan will provide this guarantee? - ✔✔Handling provider outages
API for web services - ✔✔REST
API reliant on XML - ✔✔SOAP
Authentication in federated identity environments - ✔✔SAML
CCM does what? - ✔✔Assists cloud customers with assessing overall risk of a
CSP
CCSL - ✔✔Cloud certification schemes list
Data sliced into "chunks" that are encrypted along with parity bits on various
drives is what? - ✔✔Data dispersion
A business is concerned about the usage of its third-party provided, leased cloud
resources. Which audit process should be used to investigate this concern? -
✔✔Review traffic logs for the leased cloud resources
A cloud administrator recommends using tokenization as an alternative to
protecting data without encryption. The administrator needs to make an
authorized application request to access the data. Which step should occur
immediately before this action is taken? - ✔✔The application stores the token
A cloud customer is setting up communication paths with the cloud service
provider that will be used in the event of an incident. Which action facilitates
this type of communication? - ✔✔Using existing open standards
A company has recently defined classification levels for its data. During which
phase of the cloud data life cycle should this definition occur? - ✔✔Create
A CSP operating in Australia experiences a security breach that results in
disclosure of personal information that is likely to result in serious harm. Who is
the CSP legally required to notify? - ✔✔Information commisioner
A CSP provides services in European Union (EU) countries that are subject to the
network information security (NIS) directive. The CSP experiences an incident
that significantly affects the continuity of the essential services being provided.
Who is the CSP required to notify under the NIS directive? - ✔✔Competent
authorities
, A security analyst is investigating an incident of access to a resource from an
unauthorized location. Which data source should the security analyst use to
investigate the incident? - ✔✔Packet capture file
A top-down approach for addressing and managing risk in an organization is
what? - ✔✔Information security management system (ISMS)
Adding or replacing characters to protect information is what? - ✔✔Masking
An architect needs to constrain problems to a level that can be controlled when
the problem exceeds the capabilities of disaster recovery (DR) controls. Which
aspect of the plan will provide this guarantee? - ✔✔Handling provider outages
API for web services - ✔✔REST
API reliant on XML - ✔✔SOAP
Authentication in federated identity environments - ✔✔SAML
CCM does what? - ✔✔Assists cloud customers with assessing overall risk of a
CSP
CCSL - ✔✔Cloud certification schemes list
Data sliced into "chunks" that are encrypted along with parity bits on various
drives is what? - ✔✔Data dispersion
