WGU C838 FINAL EXAM TEST BANK 400
QUESTIONS AND ANSWERS LATEST
2023-2024 MANAGING CLOUD
SECURITY COMPLETE TEST BANK
|AGRADE
What NIST publication number defines cloud computing? – ANSWER800-145
What ISO/IEC standard provides information on cloud computing? –
ANSWER- 17788
What is cloud bursting? – ANSWER- Ability to increase available cloud
resources on demand
What are 3 characteristics of cloud computing? – ANSWER- Elasticity
Simplicity
Scalability
What is a cloud customer? – ANSWER- Anyone purchasing cloud
services
What is a cloud user? – ANSWER- Anyone using cloud services
What are the three cloud computing service models? – ANSWERSaaS(Software as a service)
PaaS(Platform as a service)
IaaS(Infrastructure as a service)
What is IaaS (Infrastructure as a Service)? – ANSWER- Cloud provider
provides all the physical capability and administration, while the
customer is responsible for logical resources.
What is PaaS (Platform as a Service)? – ANSWER- A cloud computing
service that provides the hardware and the operating system and is
responsible for updating and maintaining both.
What is SaaS (Software As A Service)? – ANSWER- Cloud provider
manages everything.
What are the four cloud deployment models? – ANSWER- Public
Private
Community
Hybrid
What cloud model is owned by a single organization? – ANSWERPrivate
What cloud model is an arrangement of two or more cloud servers? –
ANSWER- Hybrid
What cloud model is a shared setup between orgs? – ANSWERCommunity
What cloud model is open for free usage? – ANSWER- Public
What is a cloud service provider? – ANSWER- Cloud service provider
manages and provides entire hosting ability
What is a Cloud Access Security Broker? – ANSWER- Third-party
acting as an intermediary for identity and access management
What do regulators do? – ANSWER- Ensure organizations are in
compliance with regulatory framework.
What word in the CIA triad describes: What protects information from
unauthorized access/dissemination? – ANSWER- Confidentiality
What word in the CIA triad describes: Ensuring that information is not
subject to unauthorized modification? – ANSWER- Integrity
What word in the CIA triad describes: Ensuring that authorized users
can access the information when they are permitted to do so? –
ANSWER- Availability
What is a cloud architect? – ANSWER- Expert in cloud computing
What is cloud os also known as? – ANSWER- PaaS
NIST standard number that lists accredited and outmoded cryptosystems
- ANSWER- FIPS 140-2
customer may be unable to leave, migrate, or transfer to an alternate
provider due to technical or non-technical constraints. – ANSWERvendor lock-m
What is cloud migration? – ANSWER- Process of transitioning part of a
company’s data or services from onsite premises to the cloud
What is cloud portability? – ANSWER- Move applications and data
between cloud providers
What offers a degree of assurance that nobody w/o authorization will be
able to access other’s data? – ANSWER- Encryption
If a cloud customer wants a secure, isolated sandbox in order to conduct
software development and testing, which cloud service model would
probably be best? – ANSWER- PaaS
What technology has NOT made cloud service viable? – ANSWERSmart hubs
What determines the critical paths, processes, and assets of an
organization? – ANSWER- BIA
Fully-operational environment with very little maintenance or
administration necessary, which cloud service model would probably be
best? – ANSWER- PaaS
customer is unable to recover or access their own data due to the cloud
provider going into bankruptcy or otherwise leaving the market. –
ANSWER- Vendor lock-out
What are four examples of things to know to decide how to handle risks
within an org? – ANSWER- Inventory of all assets
Valuation of each asset
Critical paths, processes, and assets
Clear understanding of risk appetite
T/F: Assets are only tangible items. – ANSWER- False. Assets are
everything owned or controlled by an org.
The process of evaluating assets? – ANSWER- Business Impact
Analysis(BIA)
What is criticality? – ANSWER- Something an org could not operate or
exist without
What are 5 examples of criticality for an org – ANSWER- Tangible
assets
Intangible assets
Processes
Data paths
Personnel