WGU Course C838 - Managing Cloud Security C838 OA
QUESTIONS AND ANSWERS LATEST |AGRADE
Which phase of the cloud data life cycle allows both read and process functions to be performed?
A Create
B Archive
C Store
D Share - Correct answer-A
Which phase of the cloud data security life cycle typically occurs simultaneously with creation?
A Share
B Store
C Use
,D Destroy - Correct answer-B
Which phase of the cloud data life cycle uses content delivery networks?
A Destroy
B Archive
C Share
D Create - Correct answer-C
Which phase of the cloud data life cycle is associated with crypto-shredding?
A Share
B Use
C Destroy
D Store - Correct answer-C
Which cloud data storage architecture allows sensitive data to be replaced with unique identification
symbols that retain all the essential information about the data without compromising its security?
A Randomization
B Obfuscation
C Anonymization
D Tokenization - Correct answer-D
Which methodology could cloud data storage utilize to encrypt all data associated in an infrastructure as
a service (IaaS) deployment model?
A Sandbox encryption
B Polymorphic encryption
,C Client-side encryption
D Whole-instance encryption - Correct answer-D
21. Many processes are substantially different between fulfilling an eDiscovery request in a cloud
environment versus a traditional data center. Which of the following concepts is a major factor within
a
cloud environment?
A. Broad network access
B. Measured service
C. Elasticity
D. On-demand self-service
B
22. Which type of PII will often have public disclosure requirements for any compromise of personal
data?
A. Contractual
B. Jurisdictional
C. Regulated
D. Sensitive
C
23. Which of the following laws is highly related to the preservation and retention of electronic
records?
A. HIPAA
B. Safe Harbor
C. SOX
D. GLBA
C
24. During an SOC 2 audit, the change management policies and procedures of an organization are
evaluated. Which principle of the SOC 2 audit includes this evaluation?
A. Security
B. Privacy
C. Processing integrity
D. Availability
A
25. Which of the following is NOT one of the steps involved in the audit plan?
A. Define objectives
B. Remediation
C. Define scope
D. Lessons learned
B
, 26. ISO/IEC 27018 was developed to establish standards for privacy involving cloud computing. One of
its key components specifies the type and frequency of audits. Which of the following represents the
type and frequency of audits established under the standard?
A. Independent, yearly
B. Internal, every six months
C. Independent, every six months
D. Internal, yearly
A
27. Which step of the audit plan determines how many staff will need to be allocated on behalf of the
organization and the auditors to conduct a successful audit?
A. Define scope
B. Lessons learned
C. Define objectives
D. Conduct the audit
C
28. Many jurisdictions around the world have comprehensive regulations regarding privacy and data
protection. Which jurisdiction lacks an overall comprehensive policy that covers its entire
jurisdictional
area?
A. United States
B. European Union
C. Russia
D. Japan
A
29. An audit scope statement defines the entire process and procedures to be used while conducting
of
an audit. Which of the following items is NOT something that would be found in an audit scope
statement?
A. Exclusions
B. Costs
C. Certifications
D. Reports
B
30. Which of the following laws pertains to the protection and confidentiality of PII, related
specifically
to financial institutions?
A. HIPAA
B. SOX
C. Safe Harbor
D. GLBA
QUESTIONS AND ANSWERS LATEST |AGRADE
Which phase of the cloud data life cycle allows both read and process functions to be performed?
A Create
B Archive
C Store
D Share - Correct answer-A
Which phase of the cloud data security life cycle typically occurs simultaneously with creation?
A Share
B Store
C Use
,D Destroy - Correct answer-B
Which phase of the cloud data life cycle uses content delivery networks?
A Destroy
B Archive
C Share
D Create - Correct answer-C
Which phase of the cloud data life cycle is associated with crypto-shredding?
A Share
B Use
C Destroy
D Store - Correct answer-C
Which cloud data storage architecture allows sensitive data to be replaced with unique identification
symbols that retain all the essential information about the data without compromising its security?
A Randomization
B Obfuscation
C Anonymization
D Tokenization - Correct answer-D
Which methodology could cloud data storage utilize to encrypt all data associated in an infrastructure as
a service (IaaS) deployment model?
A Sandbox encryption
B Polymorphic encryption
,C Client-side encryption
D Whole-instance encryption - Correct answer-D
21. Many processes are substantially different between fulfilling an eDiscovery request in a cloud
environment versus a traditional data center. Which of the following concepts is a major factor within
a
cloud environment?
A. Broad network access
B. Measured service
C. Elasticity
D. On-demand self-service
B
22. Which type of PII will often have public disclosure requirements for any compromise of personal
data?
A. Contractual
B. Jurisdictional
C. Regulated
D. Sensitive
C
23. Which of the following laws is highly related to the preservation and retention of electronic
records?
A. HIPAA
B. Safe Harbor
C. SOX
D. GLBA
C
24. During an SOC 2 audit, the change management policies and procedures of an organization are
evaluated. Which principle of the SOC 2 audit includes this evaluation?
A. Security
B. Privacy
C. Processing integrity
D. Availability
A
25. Which of the following is NOT one of the steps involved in the audit plan?
A. Define objectives
B. Remediation
C. Define scope
D. Lessons learned
B
, 26. ISO/IEC 27018 was developed to establish standards for privacy involving cloud computing. One of
its key components specifies the type and frequency of audits. Which of the following represents the
type and frequency of audits established under the standard?
A. Independent, yearly
B. Internal, every six months
C. Independent, every six months
D. Internal, yearly
A
27. Which step of the audit plan determines how many staff will need to be allocated on behalf of the
organization and the auditors to conduct a successful audit?
A. Define scope
B. Lessons learned
C. Define objectives
D. Conduct the audit
C
28. Many jurisdictions around the world have comprehensive regulations regarding privacy and data
protection. Which jurisdiction lacks an overall comprehensive policy that covers its entire
jurisdictional
area?
A. United States
B. European Union
C. Russia
D. Japan
A
29. An audit scope statement defines the entire process and procedures to be used while conducting
of
an audit. Which of the following items is NOT something that would be found in an audit scope
statement?
A. Exclusions
B. Costs
C. Certifications
D. Reports
B
30. Which of the following laws pertains to the protection and confidentiality of PII, related
specifically
to financial institutions?
A. HIPAA
B. SOX
C. Safe Harbor
D. GLBA
