D320 D 320 Question Bank Latest

D320 / D 320 Question Bank (Latest Update 2025 / 2026) Managing Cloud Security | Questions with Answers | Grade A | 100% Correct - WGU

Question:

Which type of communication channel should be established between parties in a supply chain to be used in a disaster situation?

• Back
• Landline
• Satellite
• Secondary

Answer:

Secondary

• / 4

Question:

An organization's engineers recently attended a training session designed to raise awareness of the dangers of using insecure direct object identifiers to view another user's account information.Which Open Web Application Security Project (OWASP) Top 10 vulnerability category did their training cover?

• Vulnerable and outdated components
• Identification and authentication failures
• Broken access control
• Security logging failures

Answer:

Broken access control

Question:

An organization's engineers recently attended a training session that raised their awareness of the dangers of using weak algorithms or protocols for data security.Which Open Web Application Security Project (OWASP) Top 10 vulnerability category did their training cover?

• Insecure design
• Hashing
• Sandboxing
• Cryptographic failures

Answer:

Cryptographic failures 2 / 4

Question:

A company plans to deploy a new application. Before the deployment, the company hires an IT security consultant to perform a zero-knowledge test to access the application as an external hacker would.Which testing technique applies to the work the consultant is performing?

• Black box
• White box
• Abuse case
• Static application

Answer:

Black box

Question:

Which concept refers to multiple teams and roles within an organization that perform testing on code from end to end to ensure that the code meets all standards and requirements?

• Quality assurance
• Identity assurance
• Full tests
• Tabletop tests

Answer:

Quality assurance

• / 4

Question:

What is the purpose of implementing rate limiting in application programming interface (API) security?

• To reduce API response time
• To block unauthorized API access
• To prevent API overuse
• To increase API usage

Answer:

To prevent API overuse

Question:

An organization wants to ensure that untested software updates provided by a third-party vendor are not run in its mission-critical environment.What should the organization use in this scenario?

• Automatic updates
• Update notifications
• Update documentation
• Manual updates

Answer:

Manual updates

• / 4