WGU C838 MANAGING CLOUD SECURITY FINAL EXAM OA 100

WGU C838 MANAGING CLOUD SECURITY FINAL EXAM OA 100 QUESTIONS AND ANSWERS LATEST |AGRADE 1) You are the security subject matter expert (SME) for an organization considering atransitionfrom thelegacyenvironment intoahostedcloudprovider's data center. One of the challenges you 're facing is whether the cloud provider will be able to comply with the existing legislative and contractual frameworks yourorganization is requiredto follow.This is a issue. 2.Youare thesecuritysubject matterexpert (SME) foranorganizationconsideringa transition from the legacyenviron ment intoahosted cloudprovider 'sdata center. One of the challenges you 're facing is whether the cloud provider will be able to allow your organization to substantiate and determine with some assurance thatallof the contract terms are being met. This is a(n) issue. ulatory 3.Encryption is anessential tool foraffordingsecurity tocloud-basedoperations. While it is possible toencrypteverysystem,piece ofdata,and transactionthat takesplace onthe cloud, why might thatnotbe theoptimum choice foran organization? a.Key length variances don'tprovideanyactualadditionalsecurity. b. It would causeadditionalprocessingoverheadandtimedelay. a. Resiliency b. Privacy c. Performance d. Regulatory - ANSWER- D d. Encryption has to be maintained. - ANSWER- B c. User tracking is essential to performance. c. It might result in vendor lockout. d. The datasubjects might beupsetby this. - ANSWER- B 4.Encryption is anessential tool foraffordingsecuritytocloud-basedoperations. While it is possible toencrypteverysystem,piece ofdata,and transactiontha takesplace onthe cloud, why might thatnotbe theoptimum choice foran organization? a. It could increasethepossibility ofphysical theft. b.Encryption won 't work throughout theenvironment. c.Theprotection mightbedisproportionate tothe value of theasset(s). d. Users will be abletoseeeverything withintheorganization. - ANSWER- C 5. Whichof the following is notanelementof the identificationcomponentof identityandaccess management (IAM)? a. Provisioning b. Management c. Discretion d. Deprovisioning - ANSWER- C 6. Whichof the followingentities is most likely toplayavital role in the identity provisioningaspectofauser 's experience inanorganization? a. Theaccountingdepartment b. Thehumanresources (HR) office c. The maintenance team d. The purchasing office - ANSWER- B 7. Why is thedeprovisioningelementof the identificationcomponentof identityand access management (IAM) so important? a. Extra accounts cost so much extra money. b. Openbutunassignedaccounts arevulnerabilities. 8. Allof the followingare reasons toperform review and maintenanceactionsonuseraccounts except . a. Todetermine whether theuserstill needs thesameaccess c. The bank branch being used by d. Privileged users can cause more damage to the organization. - ANSWER- D c. There are extra controls on privileged user accounts. c. More frequent reviews of the necessity for access b. Review of personal financial accounts for privileged users 12. The additional review activities that might be performed for privileged user accounts could include all of the following except . a. Deeper personnel background checks b. Todetermine whether theuser is still withtheorganization c. Todetermine whether thedata set isstill applicable totheuser 's role d. Todetermine whether theuser is still performing well - ANSWER- D 9. Whoshouldbe involved inreview and maintenanceofuseraccounts/access? a. The user 's manager b.Thesecurity manager c. Theaccountingdepartment d. The incident responseteam - ANSWER- A 10. Which of the followingprotocols is mostapplicabletothe identification process aspectof identityand access management (IAM)? a. Secure Sockets Layer (SSL) b. Internet Protocolsecurity (IPsec) c.Lightweight Directory Access Protocol (LDAP) d. Amorphous ancillarydatatransmission (AADT) - ANSWER- C 11. Privilegeduser (administrators, managers,andsoforth)accountsneedtobereviewed more closely than basic user accounts. Why is this? a. Privileged usershave moreencryption keys. b. Regularusers are more trustworthy. d. Pat-down checks of privileged users to deter against physical theft - ANSWER-D 13. If personal financial account reviews are performed as an additional review control forprivileged users, whichof the following characteristics is least likely tobe a useful indicator for review purposes? a. Too much money intheaccount b. Too little money inthe account theprivileged user