CLOUD FOUNDATIONS - D282 (SECURITY AND COMPLIANCE) WGU 2024 QUESTIONS WITH CORRECT ANSWERS!!
What is the number of security groups per VPX or per region? Answer - 500
Which AWS feature provides a constant monitoring service that assists in locating and solving malicious security breaches within your AWS infrastructure? Answer - Amazon GuardDuty
What mode within IPSec has both the source and destination hosts performing cryptographic functions? Answer - Transport Mode
According to the AWS shared responsibility model, which entity is responsible for protecting the AWS infrastructure that runs all of the services offered in the AWS Cloud? Answer - AWS
Which service protects again SQL injection and cross-site scripting attacks? Answer - AWS Web Application Firewall (WAF)
Which tool checks the compliance in IAM configurations to make sure it has a secure
access to respective AWS resource, and validates ports 22, 3389, and 5500? Answer - Trusted Advisor Tool
According to the AWS shared responsibility model, which entity is responsible for the
patching of guest OSes and applications? Answer - the customer
Which section of the IAM policy determines what assets the IAM policy will use? Answer - The Resource section
What are two security options used within Amazon S3 that can be used for preventing accidental delete action? Answer - Versioning and MFA Delete
Which AWS service would you use to review the full history of changes made to your
application's data? Answer - Amazon Quantum Ledger Database (QLDB)
Which specific security component manages several IAM users and gives you the ability to specify security permissions for a given set of users? Answer - An AWS Identify and Access Management (IAM) group Which section of an IAM policy determines the behaviors and actions of what policy will allow? Answer - The Effects section
Which section of AWS Artifact provides you with compliance reporting from third-
party auditors? Answer - Artifact Reports
According to the AWS shared responsibility model, who is responsible for maintaining the infrastructure for virtualization? Answer - AWS
Which standard requires companies to guarantee the secure processing and handling of the storing and transmission of credit card information? Answer - Payment Card Industry Data Security Standard (PCI-DSS)
According to the AWS shared responsibility model, who is responsible for managing Availability Zones, Regions, and Edge Locations? Answer - AWS
What are software packages/services offered as a single package, which automate cloud security? Answer - Orchestration Systems
Which IAM policies are created and managed by AWS? Answer - Manages Policies
Which document defines the security for a company's cloud controls, policies, responsibilities, and underlying technologies? Answer - Security Policy Document
Which service provides DDoS protection? Answer - AWS Shield
What allows multiple organizations to be able to use the same date for identification purposes? Answer - Federations
Which component is a way of defining allowed or denied permissions for a user or resource by attaching this component? Answer - AWS Identity and Access Management (IAM) policies
What is the term for a zone defined by a group of ports? Answer - Hard Zoning
According to the AWS shared responsibility model, who needs to perform patching of
the RDS database engines? Answer - AWS
Which cloud component focuses on firewalls, intrusion detection, and encryption? Answer - Security component
Which AWS resource is considered a federated tool that allows you to have your own single sign-on using identity providers such as Microsoft Active Directory Federation Services (ADFS) or Google? Answer - AWS Cognito
Which type of control involves passing control from AWS specifically back to the customer? Answer - Inherited Controls
What is the number of security groups per VPX or per region? Answer - 500
Which AWS feature provides a constant monitoring service that assists in locating and solving malicious security breaches within your AWS infrastructure? Answer - Amazon GuardDuty
What mode within IPSec has both the source and destination hosts performing cryptographic functions? Answer - Transport Mode
According to the AWS shared responsibility model, which entity is responsible for protecting the AWS infrastructure that runs all of the services offered in the AWS Cloud? Answer - AWS
Which service protects again SQL injection and cross-site scripting attacks? Answer - AWS Web Application Firewall (WAF)
Which tool checks the compliance in IAM configurations to make sure it has a secure
access to respective AWS resource, and validates ports 22, 3389, and 5500? Answer - Trusted Advisor Tool
According to the AWS shared responsibility model, which entity is responsible for the
patching of guest OSes and applications? Answer - the customer
Which section of the IAM policy determines what assets the IAM policy will use? Answer - The Resource section
What are two security options used within Amazon S3 that can be used for preventing accidental delete action? Answer - Versioning and MFA Delete
Which AWS service would you use to review the full history of changes made to your
application's data? Answer - Amazon Quantum Ledger Database (QLDB)
Which specific security component manages several IAM users and gives you the ability to specify security permissions for a given set of users? Answer - An AWS Identify and Access Management (IAM) group Which section of an IAM policy determines the behaviors and actions of what policy will allow? Answer - The Effects section
Which section of AWS Artifact provides you with compliance reporting from third-
party auditors? Answer - Artifact Reports
According to the AWS shared responsibility model, who is responsible for maintaining the infrastructure for virtualization? Answer - AWS
Which standard requires companies to guarantee the secure processing and handling of the storing and transmission of credit card information? Answer - Payment Card Industry Data Security Standard (PCI-DSS)
According to the AWS shared responsibility model, who is responsible for managing Availability Zones, Regions, and Edge Locations? Answer - AWS
What are software packages/services offered as a single package, which automate cloud security? Answer - Orchestration Systems
Which IAM policies are created and managed by AWS? Answer - Manages Policies
Which document defines the security for a company's cloud controls, policies, responsibilities, and underlying technologies? Answer - Security Policy Document
Which service provides DDoS protection? Answer - AWS Shield
What allows multiple organizations to be able to use the same date for identification purposes? Answer - Federations
Which component is a way of defining allowed or denied permissions for a user or resource by attaching this component? Answer - AWS Identity and Access Management (IAM) policies
What is the term for a zone defined by a group of ports? Answer - Hard Zoning
According to the AWS shared responsibility model, who needs to perform patching of
the RDS database engines? Answer - AWS
Which cloud component focuses on firewalls, intrusion detection, and encryption? Answer - Security component
Which AWS resource is considered a federated tool that allows you to have your own single sign-on using identity providers such as Microsoft Active Directory Federation Services (ADFS) or Google? Answer - AWS Cognito
Which type of control involves passing control from AWS specifically back to the customer? Answer - Inherited Controls
