WGU C838 OA EXAM QUESTIONS WITH CORRECT
ANSWERS
Which |phase |of |the |cloud |data |lifecycle |allows |both |read |and |process |functions |to |be |
performed? |- |CORRECT |ANSWER✔✔-Create
Which |technique |scrambles |the |content |of |data |using |a |mathematical |algorithm |while |keeping
|the |structural |arrangement |of |the |data? |- |CORRECT |ANSWER✔✔-Format-preserving |
encryption
Which |encryption |technique |connects |the |instance |to |the |encryption |instance |that |handles |all |
crypto |operations? |- |CORRECT |ANSWER✔✔-Proxy
Which |type |of |control |should |be |used |to |implement |custom |controls |that |safeguard |data? |- |
CORRECT |ANSWER✔✔-Application |level
A |cloud |administrator |recommends |using |tokenization |as |an |alternative |to |protecting |data |
without |encryption. |The |administrator |needs |to |make |an |authorized |application |request |to |
access |the |data. |Which |step |should |occur |immediately |before |this |action |is |taken? |- |CORRECT |
ANSWER✔✔-The |application |stores |the |token
A |company |has |recently |defined |classification |levels |for |its |data. |During |which |phase |of |the |
cloud |data |life |cycle |should |this |definition |occur? |- |CORRECT |ANSWER✔✔-Create
How |is |the |compliance |of |the |cloud |service |provider's |legal |and |regulatory |requirements |
verified |when |securing |personally |identifiable |information |(PII) |data |in |the |cloud? |- |CORRECT |
ANSWER✔✔-Third |party |audits |and |attestations
, Which |security |strategy |is |associated |with |data |rights |management |solutions? |- |CORRECT |
ANSWER✔✔-Continuous |auditing
What |is |a |key |capability |of |security |information |and |event |management? |- |CORRECT |
ANSWER✔✔-Centralized |collection |of |big |data
A |security |analyst |is |investigating |an |incident |of |access |to |a |resource |from |an |unauthorized |
location. |Which |data |source |should |the |security |analyst |use |to |investigate |the |incident? |- |
CORRECT |ANSWER✔✔-Packet |capture |file
Which |message |type |is |generated |from |software |systems |to |troubleshoot |and |identify |
problems |with |running |application |codes? |- |CORRECT |ANSWER✔✔-Debug
Which |cloud |computing |tool |is |used |to |discover |internal |use |of |cloud |services |using |various |
mechanisms |such |as |network |monitoring? |- |CORRECT |ANSWER✔✔-Cloud |access |security |
broker |(CASB)
Which |cloud |model |provides |data |location |assurance? |- |CORRECT |ANSWER✔✔-Private
Which |technology |allows |an |organization |to |control |access |to |sensitive |documents |stored |in |
the |cloud? |- |CORRECT |ANSWER✔✔-Digital |rights |management
How |do |immutable |workloads |effect |security |overhead? |- |CORRECT |ANSWER✔✔-They |reduce |
the |management |of |the |host
Which |design |principle |of |secure |cloud |computing |ensures |that |users |can |utilize |data |and |
applications |from |around |the |globe? |- |CORRECT |ANSWER✔✔-Broad |network |access
Which |standard |addresses |practices |related |to |acquisition |of |forensic |artifacts |and |can |be |
directly |applied |to |a |cloud |environment? |- |CORRECT |ANSWER✔✔-ISO/IEC |27050-1
ANSWERS
Which |phase |of |the |cloud |data |lifecycle |allows |both |read |and |process |functions |to |be |
performed? |- |CORRECT |ANSWER✔✔-Create
Which |technique |scrambles |the |content |of |data |using |a |mathematical |algorithm |while |keeping
|the |structural |arrangement |of |the |data? |- |CORRECT |ANSWER✔✔-Format-preserving |
encryption
Which |encryption |technique |connects |the |instance |to |the |encryption |instance |that |handles |all |
crypto |operations? |- |CORRECT |ANSWER✔✔-Proxy
Which |type |of |control |should |be |used |to |implement |custom |controls |that |safeguard |data? |- |
CORRECT |ANSWER✔✔-Application |level
A |cloud |administrator |recommends |using |tokenization |as |an |alternative |to |protecting |data |
without |encryption. |The |administrator |needs |to |make |an |authorized |application |request |to |
access |the |data. |Which |step |should |occur |immediately |before |this |action |is |taken? |- |CORRECT |
ANSWER✔✔-The |application |stores |the |token
A |company |has |recently |defined |classification |levels |for |its |data. |During |which |phase |of |the |
cloud |data |life |cycle |should |this |definition |occur? |- |CORRECT |ANSWER✔✔-Create
How |is |the |compliance |of |the |cloud |service |provider's |legal |and |regulatory |requirements |
verified |when |securing |personally |identifiable |information |(PII) |data |in |the |cloud? |- |CORRECT |
ANSWER✔✔-Third |party |audits |and |attestations
, Which |security |strategy |is |associated |with |data |rights |management |solutions? |- |CORRECT |
ANSWER✔✔-Continuous |auditing
What |is |a |key |capability |of |security |information |and |event |management? |- |CORRECT |
ANSWER✔✔-Centralized |collection |of |big |data
A |security |analyst |is |investigating |an |incident |of |access |to |a |resource |from |an |unauthorized |
location. |Which |data |source |should |the |security |analyst |use |to |investigate |the |incident? |- |
CORRECT |ANSWER✔✔-Packet |capture |file
Which |message |type |is |generated |from |software |systems |to |troubleshoot |and |identify |
problems |with |running |application |codes? |- |CORRECT |ANSWER✔✔-Debug
Which |cloud |computing |tool |is |used |to |discover |internal |use |of |cloud |services |using |various |
mechanisms |such |as |network |monitoring? |- |CORRECT |ANSWER✔✔-Cloud |access |security |
broker |(CASB)
Which |cloud |model |provides |data |location |assurance? |- |CORRECT |ANSWER✔✔-Private
Which |technology |allows |an |organization |to |control |access |to |sensitive |documents |stored |in |
the |cloud? |- |CORRECT |ANSWER✔✔-Digital |rights |management
How |do |immutable |workloads |effect |security |overhead? |- |CORRECT |ANSWER✔✔-They |reduce |
the |management |of |the |host
Which |design |principle |of |secure |cloud |computing |ensures |that |users |can |utilize |data |and |
applications |from |around |the |globe? |- |CORRECT |ANSWER✔✔-Broad |network |access
Which |standard |addresses |practices |related |to |acquisition |of |forensic |artifacts |and |can |be |
directly |applied |to |a |cloud |environment? |- |CORRECT |ANSWER✔✔-ISO/IEC |27050-1
