WGU D320 MANAGING CLOUD SECURITY EXAM | QUESTIONS
AND ANSWERS | VERIFIED ANSWERS | LATEST EXAM
1: Implements Secure Solutions
Which technology should be implemented to ensure secure communication
between on-site enterprise systems and a cloud platform?
A. Domain Name System Security Extensions (DNSSEC)
B. Internet Protocol Security (IPSec) VPN
C. Web Application Firewall (WAF)
D. Data Loss Prevention (DLP)
Correct Answer: B. Internet Protocol Security (IPSec) VPN
Explanation:
• IPSec VPN is designed to secure communication over an IP network. It
encrypts the entire IP packet for secure transmission between on-site systems
and cloud platforms, ensuring data integrity and confidentiality.
• DNSSEC ensures the integrity of DNS responses but doesn't provide secure
communication between systems.
• WAF protects web applications by filtering and monitoring HTTP traffic but is
not used for secure communication between systems.
• DLP prevents data breaches by monitoring and controlling data flows, but it
doesn't establish secure communication channels.
2: Implements Operations
Which phase of the cloud data lifecycle is most likely to overlap with the
'Create' phase in terms of implementing security controls?
A. Share
B. Store
C. Use
D. Destroy
Correct Answer: B. Store
Explanation:
• Store often overlaps with the Create phase because as soon as data is created,
it usually needs to be securely stored. Security controls, such as encryption,
should be implemented at this stage.
• Share and Use happen after data is stored.
• Destroy is the final stage in the lifecycle and typically occurs after data is no
longer needed.
3: Conducts Risk Management
Which risk management approach involves completely eliminating a risk
because it exceeds the organization's risk appetite?
A. Mitigation
B. Avoidance
C. Transfer
D. Acceptance
Correct Answer: B. Avoidance
Explanation:
• Avoidance involves eliminating the risk entirely, typically when the potential
impact is too great or when controls cannot adequately reduce the risk to an
acceptable level.
• Mitigation involves reducing the risk to an acceptable level.
• Transfer involves shifting the risk to a third party, such as through insurance.
• Acceptance involves acknowledging the risk and choosing to bear it without
further action.
4: Identifies Legal, Compliance, and Ethical Concerns
Which United States law focuses specifically on the privacy of financial
information?
A. Health Insurance Portability and Accountability Act (HIPAA)
B. Sarbanes-Oxley Act (SOX)
C. Gramm-Leach-Bliley Act (GLBA)
D. Safe Harbor
Correct Answer: C. Gramm-Leach-Bliley Act (GLBA)
Explanation:
• GLBA is designed to protect consumer financial privacy by setting regulations
for how financial institutions handle private data.
• HIPAA focuses on healthcare information.
• SOX is concerned with corporate financial practices and reporting.
• Safe Harbor was an agreement between the US and EU for data transfers, not
specifically financial privacy.
1: Implements Secure Solutions
Which technology is most effective in preventing unauthorized access to
sensitive data by ensuring it is unreadable without proper decryption keys?
A. Data Masking
B. Tokenization
C. Encryption
D. Obfuscation
Correct Answer: C. Encryption
Explanation: Encryption transforms readable data into an unreadable format
using cryptographic algorithms, making it inaccessible to unauthorized users.
Tokenization and data masking are also methods of protecting data, but they do
not provide the same level of security as encryption. Obfuscation is the process
of making data more difficult to understand but is not intended to prevent
access.
2: Implements Operations
Which of the following activities is essential during the Secure Operations
phase of the Software Development Lifecycle (SDLC) - CORRECT ANSWER
- A. Static Analysis
B. Code Review