2025/2026
Question 1
Which process involves assessing and identifying the potential effects of
disruptions to a business operation?
A) Risk Appetite Analysis
B) Business Continuity Planning
C) Business Impact Analysis (BIA)
D) Disaster Recovery Planning
E) Threat Modeling
Correct Answer: C) Business Impact Analysis (BIA)
Rationale: A Business Impact Analysis (BIA) is a process that assesses
and identifies the potential effects of disruptions to a business
operation.
Question 2
What term describes a component or system that, if it fails, will cause the
entire system to fail?
A) Redundant System
B) Critical Path
C) Single Point of Failure (SPOF)
D) Bottleneck
E) Fault-Tolerant System
Correct Answer: C) Single Point of Failure (SPOF)
Rationale: A SPOF is a component or system that, if it fails, will cause
the entire system to fail.
Question 3
Which type of risk assessment uses specific numerical values to evaluate
risks?
A) Qualitative
B) Comparative
C) Subjective
D) Observational
E) Quantitative
Correct Answer: E) Quantitative
Rationale: Quantitative risk assessment uses specific numerical
values.
Question 4
A risk assessment method that uses non-numerical categories like high,
medium, and low is known as:
A) Quantitative
B) Predictive
C) Statistical
D) Qualitative
E) Absolute
Correct Answer: D) Qualitative
Rationale: Qualitative risk assessment uses non-numerical categories
that are relative in nature, such as high, medium, and low.
Question 5
What is the term for the level, amount, or type of risk that an organization
finds acceptable?
A) Risk Tolerance
B) Risk Mitigation
C) Risk Appetite
D) Risk Exposure
E) Risk Threshold
Correct Answer: C) Risk Appetite
Rationale: Risk appetite is the level, amount, or type of risk that the
organization finds acceptable.
Question 6
The remaining risk that exists after countermeasures have been applied is
called:
A) Inherent Risk
B) Gross Risk
C) Acceptable Risk
D) Residual Risk
E) Net Risk
Correct Answer: D) Residual Risk
Rationale: Residual risk is the remaining risk that exists after
countermeasures have been applied.
Question 7
In which cloud service model does the cloud customer have the most
responsibility and authority, with the cloud provider only liable for the
underlying hardware?
A) PaaS (Platform as a Service)
B) SaaS (Software as a Service)
C) IaaS (Infrastructure as a Service)
D) FaaS (Function as a Service)
E) CaaS (Container as a Service)
Correct Answer: C) IaaS (Infrastructure as a Service)
Rationale: IaaS is a service model where the cloud customer has the
most responsibility and authority. The cloud provider is only liable
for the underlying hardware.
Question 8
In which cloud service model does the cloud customer lose more control
because the cloud provider is responsible for installing, maintaining, and
administering the operating system as well as the underlying hardware?
A) IaaS (Infrastructure as a Service)
B) SaaS (Software as a Service)
C) PaaS (Platform as a Service)
D) XaaS (Anything as a Service)
E) CaaS (Container as a Service)
Correct Answer: C) PaaS (Platform as a Service)
Rationale: PaaS is a service model where the cloud customer loses
more control because the cloud provider is responsible for
installing, maintaining, and administering the OS as well as
underlying hardware.
Question 9
Which cloud service model results in the cloud customer losing all control of
the environment, with the cloud provider responsible for all of the underlying
hardware and software?
A) IaaS (Infrastructure as a Service)
B) PaaS (Platform as a Service)
C) SaaS (Software as a Service)
D) DaaS (Desktop as a Service)
E) FaaS (Function as a Service)
Correct Answer: C) SaaS (Software as a Service)
Rationale: SaaS is a service model where the cloud customer loses all
control of the environment. The cloud provider is responsible for all
of the underlying hardware and software.
Question 10
What is a method of processing data in the cloud while it remains encrypted?
A) Asymmetric Encryption
B) Symmetric Encryption
C) Homomorphic encryption
D) Quantum Cryptography
E) Hashing
Correct Answer: C) Homomorphic encryption
Rationale: Homomorphic encryption is a method of processing data in
the cloud while it remains encrypted.