100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU - MANAGING CLOUD SECURITY EXAM - C838 $14.99   Add to cart

Exam (elaborations)

WGU - MANAGING CLOUD SECURITY EXAM - C838

 33 views  1 purchase
  • Course
  • Institution

WGU - MANAGING CLOUD SECURITY EXAM - C838/WGU - MANAGING CLOUD SECURITY EXAM - C838/WGU - MANAGING CLOUD SECURITY EXAM - C838

Preview 4 out of 34  pages

  • February 6, 2023
  • 34
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers
avatar-seller
WGU - MANAGING CLOUD SECURITY
EXAM - C838
What are the 4 characteristics of cloud computing? - ✔Broad network access
On-demand services
Resource Pooling
Measured or "metered" service

What NIST publication number defines cloud computing? - ✔800-145

What ISO/IEC standard provides information on cloud computing? - ✔17788

What is another way of describing a functional business requirement? - ✔necessary

What is another way of describing a nonfunctional business requirement? - ✔not
necessary

What is the greatest driver pushing orgs to the cloud? - ✔Cost savings

What is cloud bursting? - ✔Ability to increase available cloud resources on demand

What are 3 characteristics of cloud computing? - ✔Elasticity
Simplicity
Scalability

What is a cloud customer? - ✔Anyone purchasing cloud services

What is a cloud user? - ✔Anyone using cloud services

What are the three cloud computing service models? - ✔SaaS(Software as a service)
PaaS(Platform as a service)
IaaS(Infrastructure as a service)

What is IaaS (Infrastructure as a Service)? - ✔Cloud provider provides all the physical
capability and administration, while the customer is responsible for logical resources.

What is PaaS (Platform as a Service)? - ✔A cloud computing service that provides the
hardware and the operating system and is responsible for updating and maintaining
both.

What is SaaS (Software As A Service)? - ✔Cloud provider manages everything.

What are the four cloud deployment models? - ✔Public
Private
Community

,WGU - MANAGING CLOUD SECURITY
EXAM - C838
Hybrid

What cloud model is owned by a single organization? - ✔Private

What cloud model is an arrangement of two or more cloud servers? - ✔Hybrid

What cloud model is a shared setup between orgs? - ✔Community

What cloud model is open for free usage? - ✔Public

What is a cloud service provider? - ✔Cloud service provider manages and provides
entire hosting ability

What is a Cloud Access Security Broker? - ✔Third-party acting as an intermediary for
identity and access management

What do regulators do? - ✔Ensure organizations are in compliance with regulatory
framework.

What word in the CIA triad describes: What protects information from unauthorized
access/dissemination? - ✔Confidentiality

What word in the CIA triad describes: Ensuring that information is not subject to
unauthorized modification? - ✔Integrity

What word in the CIA triad describes: Ensuring that authorized users can access the
information when they are permitted to do so? - ✔Availability

What is a cloud architect? - ✔Expert in cloud computing

What is cloud os also known as? - ✔PaaS

NIST standard number that lists accredited and outmoded cryptosystems - ✔FIPS 140-
2

customer may be unable to leave, migrate, or transfer to an alternate provider due to
technical or non-technical constraints. - ✔vendor lock-m

What is cloud migration? - ✔Process of transitioning part of a company's data or
services from onsite premises to the cloud

What is cloud portability? - ✔Move applications and data between cloud providers

,WGU - MANAGING CLOUD SECURITY
EXAM - C838
What offers a degree of assurance that nobody w/o authorization will be able to access
other's data? - ✔Encryption

If a cloud customer wants a secure, isolated sandbox in order to conduct software
development and testing, which cloud service model would probably be best? - ✔PaaS

What technology has NOT made cloud service viable? - ✔Smart hubs

What determines the critical paths, processes, and assets of an organization? - ✔BIA

Fully-operational environment with very little maintenance or administration necessary,
which cloud service model would probably be best? - ✔PaaS

customer is unable to recover or access their own data due to the cloud provider going
into bankruptcy or otherwise leaving the market. - ✔Vendor lock-out

What are four examples of things to know to decide how to handle risks within an org? -
✔Inventory of all assets
Valuation of each asset
Critical paths, processes, and assets
Clear understanding of risk appetite

T/F: Assets are only tangible items. - ✔False. Assets are everything owned or
controlled by an org.

The process of evaluating assets? - ✔Business Impact Analysis(BIA)

What is criticality? - ✔Something an org could not operate or exist without

What are 5 examples of criticality for an org - ✔Tangible assets
Intangible assets
Processes
Data paths
Personnel

In risk, what is the avoidance method? - ✔Avoiding high risk

In risk, what is the acceptance method? - ✔Acceptable level of risk

In risk, what is an example of the avoidance method? - ✔Insurance

, WGU - MANAGING CLOUD SECURITY
EXAM - C838
In risk, what is the mitigation method? - ✔Controls or countermeasures

Assets can be what? - ✔Tangible
Intangible
Personnel

What does Business Impact Analysis do? - ✔Defines which of the assets provide the
intrinsic value of an organization.

What is risk appetite - ✔Level, Amount, or Type of risk that an org finds acceptable

What is the IaaS boundary? - ✔The provider is responsible for connectivity and power
and the customer is in charge for installation of software.

What is the PaaS boundary? - ✔The provider is responsible for updates and
administration of the OS and the customer monitors and reviews software events.

What is the SaaS boundary? - ✔The provider is responsible for system maintenance
and the customer supplies and processes data to and in the system.

What should encryption be used for in a cloud datacenter? - ✔Long-term
storage/archiving
Protecting near-term stored files, such as snapshots of virtualized instances
Preventing unauthorized access to specific datasets by authorized personnel

What should encryption be used for in communications between cloud providers and
users? - ✔Creating secure sessions
Ensuring the integrity and confidentiality of data in transit

What are 4 controls/mechanisms a cloud provider should play a role in in layered
defense? - ✔Strong personnel controls
Technological controls
Physical controls
Governance mechanisms

In cloud layered defense what are examples of personnel controls? - ✔background
checks
continual monitoring

In cloud layered defense what are examples of technological controls? - ✔encryption
event logging
access control enforcement

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Ultimatenurse. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

62555 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.99  1x  sold
  • (0)
  Add to cart