Quizzes With 100% Verified Answers |
This WGU Course C838 - Managing Cloud Security (CCSP) by Brian MacFarlane is one
of the most comprehensive study aids available for mastering Western Governors University's C838
course (also known as D320). This 1,037-question test bank aligns directly with the Certified
Cloud Security Professional (CCSP) curriculum by (ISC)².
Core Topics Covered in the Question Bank
This Brian MacFarlane material covers the six major domains tested on the WGU Objective
Assessment (OA) and the official CCSP exam:
• Cloud Data Lifecycle: Deeply covers the six steps (Create, Store, Use, Share, Archive,
Destroy) and their security attributes, such as crypto-shredding in the Destroy phase and
Content Delivery Networks (CDNs) in the Share phase.
• Shared Responsibility Models: Details exactly who manages what layers (Infrastructure,
Operating System, Application, Data) across SaaS, PaaS, and IaaS environments.
• Data Security & Obfuscation: Covers methods like tokenization, anonymization, and
whole-instance encryption for IaaS.
• Application Security Testing: Tests your understanding of Static Application Security
Testing (SAST), Dynamic Application Security Testing (DAST), and black-box methods.
• Compliance & Legal Frameworks: Includes high-yield topics like GDPR rules,
jurisdictional boundaries, eDiscovery complexities, and ISO/IEC frameworks.
Quiz_________________?
1
, _______ drive security decisions.
A Public opinion
B Business requirements
C Surveys
D Customer service responses -
ANSWER✅
B
Quiz_________________?
________ reports review controls relevant to security, availability, processing integrity,
confidentiality, or privacy. This is the report of most use to cloud customers (to determine
the suitability of cloud providers) and IT security practitioners. -
ANSWER✅
SOC 2
Quiz_________________?
__________ usually concerns modifications to a known set of parameters regarding each
element of the network, including what settings each has, how the controls are
implemented, and so forth. -
ANSWER✅
Configuration management
Quiz_________________?
___________ abstracts the running of code (including operating systems) from the
underlying hardware and most commonly refers to virtual machines. -
ANSWER✅
2
, Compute virtualization
Quiz_________________?
___________ are the logs, documentation, and other materials needed for audits and
compliance; they are the evidence to support compliance activities. -
ANSWER✅
Artifacts
Quiz_________________?
____________ are applied to existing systems and components, whereas upgrades are the
replacement of older elements for new ones. -
ANSWER✅
Updates
Quiz_________________?
____________ refers to the process of identifying and obtaining electronic evidence for
either prosecutorial or litigation purposes. Determining which data in a set is pertinent can
be difficult. Regardless of whether it is databases, records, email, or just simple files. -
ANSWER✅
Electronic discovery (eDiscovery)
Quiz_________________?
____________ specifies a management system that is intended to bring information
security under management control and gives specific requirements. Organizations that
meet the requirements may be certified by an accredited certification body following
successful completion of an audit. -
ANSWER✅
3
, ISO/IEC 27001
Quiz_________________?
_____________ usually deals with modifications to the network, such as the acquisition
and deployment of new systems and components and the disposal of those taken out of
service. -
ANSWER✅
Change management
Quiz_________________?
______________ efforts are concerned with maintaining critical operations during any
interruption in service, whereas disaster recovery efforts are focused on the resumption of
operations after an interruption due to disaster. -
ANSWER✅
Business continuity
Quiz_________________?
______________ is an advisory organization for matters related to IT service. -
ANSWER✅
Uptime Institute
Quiz_________________?
______________ talks about personally identifiable information (PII) as a name, date of
birth, and Social Security number. HIPAA calls this type of data "electronic protected health
information" (ePHI), and it also includes any patient information, including medical records,
and facial photos. GLBA includes customer account information such as account numbers
and balances. -
4