3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
Don't worry, you'll bounce back!
Your time: 1 min
WGU D320/CCSP
Correct 0 ACTUAL FINAL |
0%
133 COMPLETEIncorrect 132 COMPREHENSIVE
QUESTIONS AND CORRECT
Next steps
SOLUTIONS OBJECTIVE
ASSESSMENT NEWEST 2025
132 missed terms
Practice terms in Learn Take a new test
LATEST UPDATED [ALREADY
Practice your missed terms
more until you get them
Try another test to boost
your confidence.
right.
GRADED A+]
Your answers
1 of 132
Term
What is the international standard that provides guidance for the
creation of an organizational information security management system
(ISMS)?
A. NIST SP 800-53
B. PCI DSS
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 1/170
,3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
C. ISO 27001
D. NIST SP 800-37
Give this one a try later!
B. Block storage is used to provide disk volumes and is the appropriate choice in
this situation. Object storage is used to store individual files but cannot be mounted
as a disk. There is no indication that Devon needs to use a database in this scenario.
Archival storage should only be used in cases where data does not need to be
frequently accessed and is not appropriate for a disk attached to a server instance.
C. ISO 27001 is an international standard for the creation of an information
security management system (ISMS). NIST SP 800-37 is the Risk Management
Framework created by the U.S. government for assessing the security of
systems. NIST SP 800-53 is the list of security controls approved for use by
U.S. government agencies and a means to map them to the Risk Management
Framework. The Payment Card Industry Data Security Standard (PCI DSS) is
the payment card industry's framework of compliance for all entities accepting
or processing credit card payments.
C. Cloud computing is a model for enabling ubiquitous, convenient, on-demand
network access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction. This definition does not include multitenancy, which is a characteristic of
public cloud computing but not all cloud computing models.
C. The Common Criteria provide a general certification process for computing
hardware that might be used in government applications. FIPS 140-2 provides similar
guidance but is specific to cryptographic models and is not used for generalized
hardware. NIST 800-53 provides security control guidance but is not a certification
process. FedRAMP provides a certification process for cloud computing services
but not for hardware.
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 2/170
,3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
Don't know?
2 of 132
Term
Carl is deploying a set of video sensors that will be placed in remote
locations as part of a research project. Due to connectivity limitations,
he would like to perform as much image processing and computation
as possible on the device itself before sending results back to the
cloud for further analysis. What computing model would best meet his
needs?
A. Serverless computing
B. Edge computing
C. IaaS computing
D. SaaS computing
Give this one a try later!
B. In all likelihood, the vendor will immediately deny this request because customers
should not have access to underlying infrastructure in a PaaS environment. If Stacy
truly needs this access, she should consider an IaaS offering instead of a PaaS
offering.
A. Bianca's concern in this situation is reversibility-the ability to back out the change
if it does not go well. Portability is the capability to move workloads easily between
environments but would only apply after the services are up and running. Similarly,
resiliency is the ability of an environment to withstand disruptions and is not a
primary concern in the middle of a migration. There are no regulatory concerns
raised in this scenario.
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 3/170
, 3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
B. In this case, most cloud service models (including IaaS, SaaS, and
serverless/FaaS) would require transmitting most information back to the
cloud. The edge computing service model would be far more appropriate, as
it places computing power at the sensor, minimizing the data that must be sent
back to the cloud over limited connectivity network links.
B. The key to answering this question is recognizing that the multitenancy model
involves different customers accessing cloud resources hosted on shared hardware.
That makes this a public deployment regardless of the fact that access to a
particular server instance is limited to Matthew's company.
Don't know?
3 of 132
Term
Three central concepts define what type of data and information an
organization is responsible for pertaining to eDiscovery.
Which of the following are the three components that comprise
required disclosure?
A. Possession, ownership, control
B. Ownership, use, creation
C. Control, custody, use
D. Possession, custody, control
Give this one a try later!
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 4/170
Don't worry, you'll bounce back!
Your time: 1 min
WGU D320/CCSP
Correct 0 ACTUAL FINAL |
0%
133 COMPLETEIncorrect 132 COMPREHENSIVE
QUESTIONS AND CORRECT
Next steps
SOLUTIONS OBJECTIVE
ASSESSMENT NEWEST 2025
132 missed terms
Practice terms in Learn Take a new test
LATEST UPDATED [ALREADY
Practice your missed terms
more until you get them
Try another test to boost
your confidence.
right.
GRADED A+]
Your answers
1 of 132
Term
What is the international standard that provides guidance for the
creation of an organizational information security management system
(ISMS)?
A. NIST SP 800-53
B. PCI DSS
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 1/170
,3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
C. ISO 27001
D. NIST SP 800-37
Give this one a try later!
B. Block storage is used to provide disk volumes and is the appropriate choice in
this situation. Object storage is used to store individual files but cannot be mounted
as a disk. There is no indication that Devon needs to use a database in this scenario.
Archival storage should only be used in cases where data does not need to be
frequently accessed and is not appropriate for a disk attached to a server instance.
C. ISO 27001 is an international standard for the creation of an information
security management system (ISMS). NIST SP 800-37 is the Risk Management
Framework created by the U.S. government for assessing the security of
systems. NIST SP 800-53 is the list of security controls approved for use by
U.S. government agencies and a means to map them to the Risk Management
Framework. The Payment Card Industry Data Security Standard (PCI DSS) is
the payment card industry's framework of compliance for all entities accepting
or processing credit card payments.
C. Cloud computing is a model for enabling ubiquitous, convenient, on-demand
network access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction. This definition does not include multitenancy, which is a characteristic of
public cloud computing but not all cloud computing models.
C. The Common Criteria provide a general certification process for computing
hardware that might be used in government applications. FIPS 140-2 provides similar
guidance but is specific to cryptographic models and is not used for generalized
hardware. NIST 800-53 provides security control guidance but is not a certification
process. FedRAMP provides a certification process for cloud computing services
but not for hardware.
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 2/170
,3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
Don't know?
2 of 132
Term
Carl is deploying a set of video sensors that will be placed in remote
locations as part of a research project. Due to connectivity limitations,
he would like to perform as much image processing and computation
as possible on the device itself before sending results back to the
cloud for further analysis. What computing model would best meet his
needs?
A. Serverless computing
B. Edge computing
C. IaaS computing
D. SaaS computing
Give this one a try later!
B. In all likelihood, the vendor will immediately deny this request because customers
should not have access to underlying infrastructure in a PaaS environment. If Stacy
truly needs this access, she should consider an IaaS offering instead of a PaaS
offering.
A. Bianca's concern in this situation is reversibility-the ability to back out the change
if it does not go well. Portability is the capability to move workloads easily between
environments but would only apply after the services are up and running. Similarly,
resiliency is the ability of an environment to withstand disruptions and is not a
primary concern in the middle of a migration. There are no regulatory concerns
raised in this scenario.
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 3/170
, 3/13/25, 7:24 PM WGU D320/CCSP | Quizlet
B. In this case, most cloud service models (including IaaS, SaaS, and
serverless/FaaS) would require transmitting most information back to the
cloud. The edge computing service model would be far more appropriate, as
it places computing power at the sensor, minimizing the data that must be sent
back to the cloud over limited connectivity network links.
B. The key to answering this question is recognizing that the multitenancy model
involves different customers accessing cloud resources hosted on shared hardware.
That makes this a public deployment regardless of the fact that access to a
particular server instance is limited to Matthew's company.
Don't know?
3 of 132
Term
Three central concepts define what type of data and information an
organization is responsible for pertaining to eDiscovery.
Which of the following are the three components that comprise
required disclosure?
A. Possession, ownership, control
B. Ownership, use, creation
C. Control, custody, use
D. Possession, custody, control
Give this one a try later!
https://quizlet.com/904531345/test?answerTermSides=6&promptTermSides=6&questionCount=133&questionTypes=4&showImages=true 4/170
