WGU - Managing Cloud Security - D320
Exam 2025 Questions and Answers
Who is ultimately legally liable for any loss of data even in the case of negligence or malice? -
ANS Cloud Customers are legally responsible for what?
This is considered an asset? - ANS Data is considered what?
What are the phases of the Data Life Cycle? - ANS What process do these ordered steps
constitute?
1. Create
2. Store
3. Use
4. Share
5. Archive
6. Destroy
Who is responsible for data Categorization and Classification during the Creation Phase? -
ANS What is the primary responsibility of the Data Owner
What is the preferred upload method to the Cloud during the Store Phase? - ANS What are
IPSec and TLS 1.2 (or higher version) VPNs used for?
Pg. 1 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
,What is the recommended "Don't" of crypto key storage? - ANS Do not store crypto keys
with the cloud provider whether or not the cloud customer chooses to use a CASB.
What do Regulators do? - ANS Who arranges Cloud Services?
What is the role of Transference in addressing risks? - ANS What is one of the main methods
of addressing risks?
what does Critique fall under for copyrighted material? - ANS What is the "fair-use"
exception for copyrighted material?
What is Anonymization in terms of cloud storage? - ANS What is the technique used to
obscure data stored in the cloud?
What 3 risks are associated with IaaS (Infrastructure as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Personnel Threats
2. External Threats
3. Lack of Specific Skillsets
What 4 risks are associated with PaaS (Platform as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Interoperability Issues
2. Persistent Backdoors
3. Virtualization
4. Resource Sharing
Pg. 2 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
, What 3 risks are associated with SaaS (Software as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Proprietary Formats
2. Virtualization
3. Web Application Security
What kind of concern do New Dependencies introduce? - ANS What is a potential emergent
business impact analysis (BIA) Concern?
What are the three kinds of Audits? - ANS What are these forms of?
1. Internal
2. External
3. Audit Preparation
Who performs Internal Audits? - ANS What kind of audit is performed by employees of the
organization?
Who performs External Audits? - ANS What kind of audit is performed by individuals outside
of the organization?
What is Audit Preparation? - ANS What discusses and negotiates parameters of an audit
prior to its start?
What are the type of SOC Reports? - ANS What are the following items types of?
1. SOC 1
Pg. 3 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
Exam 2025 Questions and Answers
Who is ultimately legally liable for any loss of data even in the case of negligence or malice? -
ANS Cloud Customers are legally responsible for what?
This is considered an asset? - ANS Data is considered what?
What are the phases of the Data Life Cycle? - ANS What process do these ordered steps
constitute?
1. Create
2. Store
3. Use
4. Share
5. Archive
6. Destroy
Who is responsible for data Categorization and Classification during the Creation Phase? -
ANS What is the primary responsibility of the Data Owner
What is the preferred upload method to the Cloud during the Store Phase? - ANS What are
IPSec and TLS 1.2 (or higher version) VPNs used for?
Pg. 1 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
,What is the recommended "Don't" of crypto key storage? - ANS Do not store crypto keys
with the cloud provider whether or not the cloud customer chooses to use a CASB.
What do Regulators do? - ANS Who arranges Cloud Services?
What is the role of Transference in addressing risks? - ANS What is one of the main methods
of addressing risks?
what does Critique fall under for copyrighted material? - ANS What is the "fair-use"
exception for copyrighted material?
What is Anonymization in terms of cloud storage? - ANS What is the technique used to
obscure data stored in the cloud?
What 3 risks are associated with IaaS (Infrastructure as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Personnel Threats
2. External Threats
3. Lack of Specific Skillsets
What 4 risks are associated with PaaS (Platform as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Interoperability Issues
2. Persistent Backdoors
3. Virtualization
4. Resource Sharing
Pg. 2 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
, What 3 risks are associated with SaaS (Software as a Service)? - ANS What Cloud Service
Model is associated with the following risks?
1. Proprietary Formats
2. Virtualization
3. Web Application Security
What kind of concern do New Dependencies introduce? - ANS What is a potential emergent
business impact analysis (BIA) Concern?
What are the three kinds of Audits? - ANS What are these forms of?
1. Internal
2. External
3. Audit Preparation
Who performs Internal Audits? - ANS What kind of audit is performed by employees of the
organization?
Who performs External Audits? - ANS What kind of audit is performed by individuals outside
of the organization?
What is Audit Preparation? - ANS What discusses and negotiates parameters of an audit
prior to its start?
What are the type of SOC Reports? - ANS What are the following items types of?
1. SOC 1
Pg. 3 Copyright © 2025 Jasonmcconell. ALL RIGHTS RESERVED.
