WGU D488 CYBERSECURITY ARCHITECTURE AND
ENGINEERING CASP+ EXAM WITH COMPLETE 500
QUESTIONS AND WELL ELABORATED ANSWERS
JUST RELEASED THIS YEAR
Which of the following is a vital component of a software company's supply chain, where
developers store and manage their code?
A. Chips
B. Third-party libraries
C. Source code repositories
D. Development language
C. Source code repositories
What aspect of a software supply chain could influence the choice of libraries and frameworks
used in development, as well as target platforms?
A. Third-party libraries
B. Chips
C. Development language
D. Source code repositories
C. Development language
Which component of a software supply chain is often integrated into projects to expedite
development but can introduce security risks if not properly managed?
A. Development language
B. Chips
C. Source code repositories
D. Third-party libraries
D. Third-party libraries
Which of the following is less likely to be involved in a software company's supply chain but is
more relevant to hardware companies?
A. Chips
B. Source code repositories
C. Development language
D. Third-party libraries
A. Chips
A U.S.-based company has expanded operations globally and decided to start following the
27k standard. However, they have migrated all of their services to the cloud, and they want to
follow cloud controls. Which of the following is part of the 27k cloud standards? (Select all
that apply.)
1. 27002
2. 27017
3. 27018
4. 27701
A) 1, 2
B) 1, 3
C) 2, 3
D) 3, 4
C) 2, 3
Which ISO 27k standard provides guidelines specifically for information security controls in
cloud environments?
A. 27018
B. 27002
C. 27017
D. 27701
C. 27017
Which ISO 27k standard focuses on guidelines for protecting personally identifiable
information (PII) in cloud environments?
A. 27701
B. 27017
C. 27002
D. 27018
D. 27018
Which standard defines security controls and provides guidelines for organizational security
standards, often used in conjunction with ISO 27001?
A. 27002
B. 27701
C. 27017
D. 27018
A. 27002
Which ISO 27k standard focuses on personal data and privacy, providing guidance for privacy
information management?
A. 27018
B. 27002
C. 27017
D. 27701
D. 27701
A U.S.-based coffee company is expanding its operations to Japan and plans to implement a
new payment system that processes credit card transactions. To ensure they follow data
protection standards for credit card data, which of the following standards should they
comply with?
A. STAR (Cloud Security Alliance Security Trust and Assurance Registry)
B. CMMI (Capability Maturity Model Integration)
C. PCI DSS (Payment Card Industry Data Security Standard)
D. GDPR (General Data Protection Regulation)
C. PCI DSS (Payment Card Industry Data Security Standard)
Which global data protection standard is specifically designed to ensure the secure
processing, storage, and transmission of credit card information?
A. CMMI (Capability Maturity Model Integration)
B. PCI DSS (Payment Card Industry Data Security Standard)
C. GDPR (General Data Protection Regulation)
D. STAR (Cloud Security Alliance Security Trust and Assurance Registry)
B. PCI DSS (Payment Card Industry Data Security Standard)
What evaluation measures the security capabilities and privacy controls of a cloud service
provider against the Cloud Security Alliance Cloud Controls Matrix (CCM)?