Which phase of the cloud data lifecycle allows both read and process functions to be
performed? - ✔Create
Which technique scrambles the content of data using a mathematical algorithm while
keeping the structural arrangement of the data? - ✔Format-preserving encryption
Which encryption technique connects the instance to the encryption instance that
handles all crypto operations? - ✔Proxy
Which type of control should be used to implement custom controls that safeguard
data? - ✔Application level
A cloud administrator recommends using tokenization as an alternative to protecting
data without encryption. The administrator needs to make an authorized application
request to access the data. Which step should occur immediately before this action is
taken? - ✔The application stores the token
A company has recently defined classification levels for its data. During which phase of
the cloud data life cycle should this definition occur? - ✔Create
How is the compliance of the cloud service provider's legal and regulatory requirements
verified when securing personally identifiable information (PII) data in the cloud? - ✔
Third party audits and attestations
Which security strategy is associated with data rights management solutions? - ✔
Continuous auditing
What is a key capability of security information and event management? - ✔Centralized
collection of big data
A security analyst is investigating an incident of access to a resource from an
unauthorized location. Which data source should the security analyst use to investigate
the incident? - ✔Packet capture file
Which message type is generated from software systems to troubleshoot and identify
problems with running application codes? - ✔Debug
Which cloud computing tool is used to discover internal use of cloud services using
various mechanisms such as network monitoring? - ✔Cloud access security broker
(CASB)
Which cloud model provides data location assurance? - ✔Private
, WGU C838 MANAGING CLOUD SECURITY OA
Which technology allows an organization to control access to sensitive documents
stored in the cloud? - ✔Digital rights management
How do immutable workloads effect security overhead? - ✔They reduce the
management of the host
Which design principle of secure cloud computing ensures that users can utilize data
and applications from around the globe? - ✔Broad network access
Which standard addresses practices related to acquisition of forensic artifacts and can
be directly applied to a cloud environment? - ✔ISO/IEC 27050-1
Which technology allows an administrator to remotely manage a fleet of servers? - ✔
Management plane
What part of the logical infrastructure design is used to configure cloud resources, such
as launching virtual machines or configuring virtual networks? - ✔Management plane
Which action enhances cloud security application deployment through standards such
as ISO/IEC 27034 for the development, acquisition, and configuration of software
systems? - ✔Applying the steps of a cloud software development life cycle
Which element is a cloud virtualization risk? - ✔Guest isolation
The security administrator for a global cloud services provider (CSP) is required to
globally standardize the approaches for using forensics methodologies in the
organization. Which standard should be applied? - ✔ISO 27050-1
Which detection and analysis technique is performed to capture a point-in-time picture
of the entire stack at the time of an incident? - ✔Create a snapshot using API calls
A CSP operating in Australia experiences a security breach that results in disclosure of
personal information that is likely to result in serious harm. Who is the CSP legally
required to notify? - ✔Information commisioner
A CSP provides services in European Union (EU) countries that are subject to the
network information security (NIS) directive. The CSP experiences an incident that
significantly affects the continuity of the essential services being provided. Who is the
CSP required to notify under the NIS directive? - ✔Competent authorities
A cloud customer is setting up communication paths with the cloud service provider that
will be used in the event of an incident. Which action facilitates this type of
communication? - ✔Using existing open standards
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Ultimatenurse. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.