WGU C838 - Managing Cloud Security/
WGU C838 Certified Cloud Security
Specialist 4 Version of Exam
(3 Actual Exam) (1 Study Guide)
You are the
... [Show More] security subject matter expert (SME) for an organization considering a
transition from the legacy environment into a hosted cloud provider 's data center. One
of the challenges you 're facing is whether the cloud provider will be able to comply with
the existing legislative and contractual frameworks your organization is required to
follow. This is a _________ issue.
a. Resiliency
b. Privacy
c. Performance
d. Regulatory --------- CORRECT ANSWER ----- D
76. You are the security subject matter expert (SME) for an organization considering a
transition from the legacy environ ment into a hosted cloud provider 's data center. One
of the challenges you 're facing is whether the cloud provider will be able to allow your
organization to substantiate and determine with some assurance that all of the contract
terms are being met. This is a(n) ____________ issue.
a. Regulatory
b. Privacy
c. Resiliency
d. Auditability --------- CORRECT ANSWER ----- D
77. Encryption is an essential tool for affording security to cloud-based operations.
While it is possible to encrypt every system, piece of data, and transaction that takes
place on the cloud, why might that not be the optimum choice for an organization?
a. K ey length variances don 't provide any actual additional security.
b. It would cause additional processing overhead and time delay.
c. It might result in vendor lockout.
d. The data subjects might be upset by this. --------- CORRECT ANSWER ----- B
78. Encryption is an essential tool for affording security to cloud-based operations.
While it is possible to encrypt every system, piece of data, and transaction that takes
place on the cloud, why might that not be the optimum choice for an organization?
a. It could increase the possibility of physical theft.
b. Encryption won 't work throughout the environment.
c. The protection might be disproportionate to the value of the asset(s).
d. Users will be able to see everything within the organization. --------- CORRECT
ANSWER ----- C
79. Which of the following is not an element of the identification component of identity
and access management (IAM)?
a. Provisioning
b. Management
c. Discretion
d. Deprovisioning --------- CORRECT ANSWER ----- C
80. Which of the following entities is most likely to play a vital role in the identity
provisioning aspect of a user 's experience in an organization?
a. The accounting department
b. The human resources (HR) office
c. The maintenance team
d. The purchasing office --------- CORRECT ANSWER ----- B
81. Why is the deprovisioning element of the identification component of identity and
access management (IAM) so important?
a. Extra accounts cost so much extra money.
b. Open but unassigned accounts are vulnerabilities.
c. User tracking is essential to performance.
d. Encryption has to be maintained. --------- CORRECT ANSWER ----- B
82. All of the following are reasons to perform review and maintenance actions on user
accounts except ____________.
a. To determine whether the user still needs the same access
b. To determine whether the user is still with the organization
c. To determine whether the data set is still applicable to the user 's role
d. To determine whether the user is still performing well --------- CORRECT ANSWER ---
-- D
83. Who should be involved in review and maintenance of user accounts/access?
a. The user 's manager
b. The security manager
c. The accounting department
d. The incident response team --------- CORRECT ANSWER ----- A
84. Which of the following protocols is most applicable to the identification process
aspect of identity and access management (IAM)?
a. Secure Sockets Layer (SSL)
b. Internet Protocol security (IPsec)
c. Lightweight Directory Access Protocol (LDAP)
d. Amorphous ancillary data transmission (AADT) --------- CORRECT ANSWER ----- C
85. Privileged user (administrators, managers, and so forth) accounts need to be
reviewed more closely than basic user accounts. Why is this?
a. Privileged users have more encryption keys.
b. Regular users are more trustworthy.
c. There are extra controls on privileged user accounts.
d. Privileged users can cause more damage to the organization. --------- CORRECT
ANSWER ----- D
86. The additional review activities that might be performed for privileged user accounts
could include all of the following except _____________.
a. Deeper personnel background checks
b. Review of personal financial accounts for privileged users
c. More frequent reviews of the necessity for access
d. Pat-down checks of privileged users to deter against physical theft --------- CORRECT
ANSWER ----- D
87. If personal financial account reviews are performed as an additional review control
for privileged users, which of the following characteristics is least likely to be a useful
indicator for review purposes?
a. Too much money in the account
b. Too little money in the account
c. The bank branch being used by the privileged user
d. Specific senders/recipients --------- CORRECT ANSWER ----- C
88. How often should the accounts of privileged users be reviewed?
a. Annually
b. Twice a year
c. Monthly
d. More often than regular user account reviews --------- CORRECT ANSWER ----- D
89. Privileged user account access should be __________.
a. Temporary
b. Pervasive
c. Thorough
d. Granular --------- CORRECT ANSWER ----- A
90. The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common
threats to organizations participating in cloud computing. According to the CSA 's
Notorious Nine list, data breaches can be ____________.
a. Overt or covert
b. International or subterranean
c. From internal or external sources
d. Voluminous or specific --------- CORRECT ANSWER ----- C [Show Less]