Exam (elaborations)

WGU C838 MANAGING CLOUD SECURITY FINAL EXAM OA 100 QUESTIONS AND ANSWERS LATEST 2023/2024

Pages: 37
Grade: A+
Uploaded on: 22-11-2023
Written in: 2023/2024

You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider's data center. One of the challenges you're facing is whether the cloud provider will be able to comply with the existing legislative and contractual frameworks your organization is required to follow. This is a _________ issue.
a. Resiliency
b. Privacy
c. Performance
d. Regulatory
Answer: D

76. You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider's data center. One of the challenges you're facing is whether the cloud provider will be able to allow your organization to substantiate and determine with some assurance that all of the contract terms are being met. This is a(n) ____________ issue.
a. Regulatory
b. Privacy
c. Resiliency
d. Auditability
Answer: D

77. Encryption is an essential tool for affording security to cloud-based operations. While it is possible to encrypt every system, piece of data, and transaction that takes place on the cloud, why might that not be the optimum choice for an organization?
a. Key length variances don't provide any actual additional security.
b. It would cause additional processing overhead and time delay.
c. It might result in vendor lockout.
d. The data subjects might be upset by this.
Answer: B

78. Encryption is an essential tool for affording security to cloud-based operations. While it is possible to encrypt every system, piece of data, and transaction that takes place on the cloud, why might that not be the optimum choice for an organization?
a. It could increase the possibility of physical theft.
b. Encryption won't work throughout the environment.
c. The protection might be disproportionate to the value of the asset(s).
d. Users will be able to see everything within the organization.
Answer: C

79. Which of the following is not an element of the identification component of identity and access management (IAM)?
a. Provisioning
b. Management
c. Discretion
d. Deprovisioning
Answer: C

80. Which of the following entities is most likely to play a vital role in the identity provisioning aspect of a user's experience in an organization?
a. The accounting department
b. The human resources (HR) office
c. The maintenance team
d. The purchasing office
Answer: B

81. Why is the deprovisioning element of the identification component of identity and access management (IAM) so important?
a. Extra accounts cost so much extra money.
b. Open but unassigned accounts are vulnerabilities.
c. User tracking is essential to performance.
d. Encryption has to be maintained.
Answer: B

82. All of the following are reasons to perform review and maintenance actions on user accounts except ____________.
a. To determine whether the user still needs the same access
b. To determine whether the user is still with the organization
c. To determine whether the data set is still applicable to the user's role
d. To determine whether the user is still performing well
Answer: D

83. Who should be involved in review and maintenance of user accounts/access?
a. The user's manager
b. The security manager
c. The accounting department
d. The incident response team
Answer: A

84. Which of the following protocols is most applicable to the identification process aspect of identity and access management (IAM)?
a. Secure Sockets Layer (SSL)
b. Internet Protocol security (IPsec)
c. Lightweight Directory Access Protocol (LDAP)
d. Amorphous ancillary data transmission (AADT)
Answer: C

85. Privileged user (administrators, managers, and so forth) accounts need to be reviewed more closely than basic user accounts. Why is this?
a. Privileged users have more encryption keys.
b. Regular users are more trustworthy.
c. There are extra controls on privileged user accounts.
d. Privileged users can cause more damage to the organization.
Answer: D

86. The additional review activities that might be performed for privileged user accounts could include all of the following except _____________.
a. Deeper personnel background checks
b. Review of personal financial accounts for privileged users
c. More frequent reviews of the necessity for access
d. Pat-down checks of privileged users to deter against physical theft
Answer: D

87. If personal financial account reviews are performed as an additional review control for privileged users, which of the following characteristics is least likely to be a useful indicator for review purposes?
a. Too much money in the account
b. Too little money in the account
c. The bank branch being used by the privileged user
d. Specific senders/recipients
Answer: C

88. How often should the accounts of privileged users be reviewed?
a. Annually
b. Twice a year
c. Monthly
d. More often than regular user account reviews
Answer: D

89. Privileged user account access should be __________.
a. Temporary
b. Pervasive
c. Thorough
d. Granular
Answer: A

b. Design
c. Develop
d. Test
Answer: B

79. At which phase of the SDLC is it probably most useful to involve third-party personnel?
a. Define
b. Design
c. Develop
d. Test
Answer: D

80. In SDLC implementations that include a Secure Operations phase, which of the following security techniques/tools are implemented during that phase?
a. Vulnerability assessments and penetration testing
b. Performance testing and security control validation
c. Requirements fulfillment testing
d. Threat modeling and secure design review
Answer: A

81. A cloud environment that lacks security controls is vulnerable to exploitation, data loss, and interruptions. Conversely, excessive use of security controls ____________.
a. Can lead to data breaches
b. Causes electromagnetic interference
c. Will affect quality of service
d. Can cause regulatory noncompliance
Answer: C

82. A cloud environment that lacks security controls is vulnerable to exploitation, data loss, and interruptions. Conversely, excessive use of security controls ____________.
a. Can lead to DDoS
b. Allows malware infections
c. Increases the risk of adverse environmental effects
d. Is an unnecessary expense
Answer: D

83. A cloud environment that lacks security controls is vulnerable to exploitation, data loss, and interruptions. Conversely, excessive use of security controls ____________.
a. Can lead to customer dissatisfaction
b. Is a risk to health and human safety
c. Brings down the organization's stock price
d. Negates the need for insurance
Answer: A

84. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a bring your own device (BYOD) workforce that work equally from the company offices and their own homes or other locations. The policies also dictate which APIs can be utilized to access and manipulate company data and the process for getting an API added to the list of approved programs. You conduct an approved scan of the company data set in the cloud, with the provider's permission. This allows you to catalog all APIs that have accessed and manipulated company data through authorized user accounts in the last month. The scan reveals that 300 different APIs were used by authorized personnel. Of these, 30 had been approved by the company and were on the list. Of the following, what is the most reasonable immediate action?
a. Delete accounts of all users who had utilized unapproved APIs to access company data.
b. Suspend access for all users who had utilized unapproved APIs to access company data.
c. Block all unapproved APIs from accessing company data.
d. Notify whomever you report to in the company hierarchy, and suggest bringing the matter to the attention of senior management immediately.
Answer: D

85. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also dictate which APIs can be utilized to access and manipulate company data and the process for getting an API added to the list of approved programs. You conduct an approved scan of the company data set in the cloud, with the provider's permission. This allows you to catalog all APIs that have accessed and manipulated company data through authorized user accounts in the last month. The scan reveals that 300 different APIs were used by authorized personnel. Of these, 30 had been approved by the company and were on the list. You've brought the matter to the attention of the CEO, who understands the issue and asks for your recommendation. What is probably the best suggestion?
a. Gather more data about how users are utilizing the APIs and for what purposes.
b. Delete accounts of all users who had utilized unapproved APIs to access company data.
c. Suspend access for all users who had utilized unapproved APIs to access company data.
d. Block all unapproved APIs from accessing company data.
Answer: A

86. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also dictate which APIs can be utilized to access and manipulate company data and the process for getting an API added to the list of approved programs. You conduct an approved scan of the company data set in the cloud, with the provider's permission. This allows you to catalog all APIs that have accessed and manipulated company data through authorized user accounts in the last month. The scan reveals that 300 different APIs were used by authorized personnel. Of these, 30 had been approved by the company and were on the list. Upon performing an information-gathering investigation at the behest of the CEO, you determine that these APIs increased productivity 387 percent over the period since they were adopted, at a cost that is negligible compared to shepherding even one API through the company's current approval process. What is your suggestion on how to handle the situation?
a. Retroactively put all the APIs currently in use through the formal approval process, and require that all future APIs users want to install also get approved.
b. Have the CEO waive formal approval processing for all APIs currently in use, granting them approval, but require all future APIs be approved through that process.
c. Punish all employees who have installed or used any of the rogue APIs for violating company policy.
d. Change the policy.
Answer: D

87. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also dictate which APIs can be utilized to access and manipulate company data, and the process for getting an API added to the list of approved programs. After finding that users were routinely violating the API approval process but that the result of their violation was a massive increase in productivity and no appreciable increase in company expense, the CEO changed the company policies to allow users to select APIs with which to access and manipulate company data. As a subject matter expert, what should you also recommend to the CEO?
a. Reward the users who committed the infractions, for aiding the company even when they were violating the policy.
b. Replace all the personnel that violated the policy, and have the new personnel use the new policy from their start of hire.
c. Restrict user access to possible APIs.
d. Augment the current set of security controls used by the company in order to offset risks posed by the anticipated use of even more APIs from unknown sources.
Answer: D

88. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also allow users to select which APIs they install and use on their own devices in order to access and manipulate company data. Of the following, what is a security control you'd like to implement to offset the risk(s) incurred by this practice?
a. Encrypt all routers between mobile users and the cloud.
b. Use additional anti-malware detection capabilities on both user devices and the environment to which they connect.
c. Implement strong multifactor authentication on all user-owned devices.
d. Employ regular performance monitoring in the cloud environment to ensure that the cloud provider is meeting the SLA targets.
Answer: B

89. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also allow users to select which APIs they install and use on their own devices in order to access and manipulate company data. Of the following, what is a security control you'd like to implement to offset the risk(s) incurred by this practice?
a. Regular and widespread integrity checks on sampled data throughout the managed environment
b. More extensive and granular background checks on all employees, particularly new hires
c. Inclusion of references to all applicable regulations in the policy documents
d. Increased enforcement of separation of duties for all workflows
Answer: A

90. You are the security manager for an online retail sales company with 100 employees and a production environment hosted in a PaaS model with a major cloud provider. Your company policies have allowed for a BYOD workforce that work equally from the company offices and their own homes or other locations. The policies also allow users to select which APIs they install and use on their own devices in order to access and manipulate company data. Of the following, what is a security control you'd like to implement to offset the risk(s) incurred by this practice?
a. Enact secure connections between the user devices and the cloud environment using end-to-end encryption.
b. Enact secure connections between the user devices and the cloud environment using link encryption.
c. Employ additional user training.
d. Tunnel all connections with a VPN.
Answer: C

91. Users in your organization have been leveraging APIs for enhancing their productivity in the cloud environment. In order to ensure that you are securing API access to the production environment, you should deploy _________ and ____________.
a. SSL and message-level cryptography
b. TLS and message-level cryptography
c. SSL and whole drive encryption
d. TLS and whole drive encryption
Answer: B

92. We implement IAM in order to control access between subjects and objects. What is the ultimate purpose of this effort?
a. Identification. Determine who the specific, individual subjects are.
b. Authentication. Verify and validate any identification assertions.
c. Authorization. Grant subjects permissions to objects once they've been authenticated.
d. Accountability. Be able to reconstruct a narrative of who accessed what.
Answer: A

93. ________ is perhaps the main external factor driving IAM efforts.
a. Regulation
b. Business need
c. The evolving threat landscape
d. Monetary value
Answer: A

94. Whether in a cloud or legacy environment, it is important to implement both _________ and ________ access controls.
a. Internal and managed
b. Provider and customer
c. Physical and logical
d. Administrative and technical
Answer: C

95. Access to specific data sets should be granted by ____________.
a. The data subjects
b. The data owners
c. The data processors
d. The data regulators
Answer: B

96. Access should be granted based on all of the following except ____________.
a. Policy
b. Business needs
c. Performance
d. Acceptable risk
Answer: C

97. Federation allows _________ across organizations.
a. Role replication
b. Encryption
c. Policy
d. Access
Answer: D

98. Federation should be __________ to the users.
a. Hostile
b. Proportional
c. Transparent
d. Expensive
Answer: C

99. A web application firewall (WAF) understands which protocol(s)?
a. All protocols that use the Internet as a medium
b. TLS
c. HTTP
d. FTP
Answer: C

100. Web application firewalls and database activity monitors function at levels ________ and ________ of the OSI model, respectively.
a. 1 and 7
b. 7 and 1
c. 7 and 7
d. 3 and 4

------

C

50. When cloud computing professionals use the term ping, power, pipe, which of the following characteristics is not being described?
a. Logical connectivity
b. Human interaction
c. Electricity
d. HVAC
Answer: B

51. Which of the following is not a goal of a site survey?
a. Threat definition
b. Target identification
c. Penetration testing
d. Facility characteristics
Answer: C

52. Designing system redundancy into a cloud data center allows all the following capabilities except ____________.
a. Incorporating additional hardware into the production environment
b. Preventing any chance of service interruption
c. Load-sharing/balancing
d. Planned, controlled failover during contingency operations
Answer: B

53. Gaseous fire suppression systems that function by displacing oxygen need to be installed in conjunction with ____________.
a. Water cooling
b. Filters
c. Occupant training
d. Failsafe or
Preventing any chance of service interruption c. Load-sharing/balancing d. Planned, controlled failover during contingency operations B 53. Gaseous fire suppression systems that function by displacing oxygen need to be installed in conjunction with ____________. a. Water cooling b. Filters c. Occupant training d. Failsafe or

Document information

Uploaded on: November 22, 2023
Number of pages: 37
Written in: 2023/2024
Type: Exam (elaborations)
Contains: Questions & answers

Content preview

WGU C838 MANAGING CLOUD SECURITY FINAL EXAM OA 100 QUESTIONS AND ANSWERS LATEST 2023-2024 |AGRADE


1. You are the security subject matter expert (SME) for an organization
considering a transition from the legacy environment into a hosted cloud
provider's data center. One of the challenges you're facing is whether the cloud
provider will be able to comply with the existing legislative and contractual
frameworks your organization is required to follow. This is a _________ issue.
a. Resiliency
b. Privacy
c. Performance
d. Regulatory - ANSWER- D

2. You are the security subject matter expert (SME) for an organization
considering a transition from the legacy environment into a hosted cloud
provider's data center. One of the challenges you're facing is whether the cloud
provider will be able to allow your organization to substantiate and determine
with some assurance that all of the contract terms are being met. This is a(n)
____________ issue.
a. Regulatory
b. Privacy
c. Resiliency
d. Auditability - ANSWER- D

3. Encryption is an essential tool for affording security to cloud-based operations.
While it is possible to encrypt every system, piece of data, and transaction that
takes place on the cloud, why might that not be the optimum choice for an
organization?
a. Key length variances don't provide any actual additional security.
b. It would cause additional processing overhead and time delay.
c. It might result in vendor lockout.
d. The data subjects might be upset by this. - ANSWER- B

4. Encryption is an essential tool for affording security to cloud-based operations.
While it is possible to encrypt every system, piece of data, and transaction that
takes place on the cloud, why might that not be the optimum choice for an
organization?
a. It could increase the possibility of physical theft.
b. Encryption won't work throughout the environment.
c. The protection might be disproportionate to the value of the asset(s).
d. Users will be able to see everything within the organization. - ANSWER- C

5. Which of the following is not an element of the identification component of
identity and access management (IAM)?
a. Provisioning
b. Management
c. Discretion
d. Deprovisioning - ANSWER- C

6. Which of the following entities is most likely to play a vital role in the identity
provisioning aspect of a user's experience in an organization?
a. The accounting department
b. The human resources (HR) office
c. The maintenance team
d. The purchasing office - ANSWER- B

7. Why is the deprovisioning element of the identification component of
identity and access management (IAM) so important?
a. Extra accounts cost so much extra money.
b. Open but unassigned accounts are vulnerabilities.
c. User tracking is essential to performance.
d. Encryption has to be maintained. - ANSWER- B

8. All of the following are reasons to perform review and maintenance actions on
user accounts except ____________.
a. To determine whether the user still needs the same access
b. To determine whether the user is still with the organization
c. To determine whether the data set is still applicable to the user's role
d. To determine whether the user is still performing well - ANSWER- D

9. Who should be involved in review and maintenance of user accounts/access?
a. The user's manager
b. The security manager
c. The accounting department
d. The incident response team - ANSWER- A

10. Which of the following protocols is most applicable to the identification
process aspect of identity and access management (IAM)?
a. Secure Sockets Layer (SSL)
b. Internet Protocol security (IPsec)
c. Lightweight Directory Access Protocol (LDAP)
d. Amorphous ancillary data transmission (AADT) - ANSWER- C

11. Privileged user (administrators, managers, and so forth) accounts need to
be reviewed more closely than basic user accounts. Why is this?
a. Privileged users have more encryption keys.
b. Regular users are more trustworthy.
c. There are extra controls on privileged user accounts.
d. Privileged users can cause more damage to the organization. - ANSWER- D

12. The additional review activities that might be performed for privileged
user accounts could include all of the following except ____________.
a. Deeper personnel background checks
b. Review of personal financial accounts for privileged users
c. More frequent reviews of the necessity for access
d. Pat-down checks of privileged users to deter against physical theft - ANSWER- D

13. If personal financial account reviews are performed as an additional review
control for privileged users, which of the following characteristics is least likely
to be a useful indicator for review purposes?
a. Too much money in the account
b. Too little money in the account
c. The bank branch being used by the privileged user

Get to know the seller

khajy Arts University Bournemouth

Frequently asked questions