WGU D320(Managing Cloud Security)

D320(Managing Cloud Security) Leave the first rating Students also studied Terms in this set (80) Science Computer Science Computer Security and Reliability Save WGU Course C838 - Managing Clou...1,037 terms WieldyStone2 Preview D320 - Managing Cloud Security 701 terms SpaceChimpanzee Preview

WGU D320/CCSP

133 terms laterskaterssPreview

D320 -

80 terms Bah Which phase of the cloud data life cycle requires adherence to export and import restrictions, including Export Administration Regulations (EAR) and the Wassenaar Arrangement?Share Why is the striping with parity method of storing data used in most redundant array of independent disks (RAID) configurations?It allows efficient data recovery as even if one drive fails, other drives fill in the missing data.What is the purpose of egress monitoring tools? They are used to prevent data from going outside the control of an organization.A company is looking at different types of cloud storage options. One of the threats to cloud storage that the company foresees is the possibility of losing forensic artifacts in the event of an incident response investigation. Which type of cloud storage has the highest risk of losing forensic artifacts in the event of an incident response investigation?Ephemeral A manager is made aware of a customer complaint about how an application developed by the company collects personal and environmental information from the devices it is installed on. Which document should the manager refer to in order to determine if the company has properly disclosed information about what data it collects from this application's users?Privacy notice

An organization needs to store passwords in a database securely. The data should not be available to system administrators. Which technique should the organization use?Hashing A company is looking to ensure that the names of individuals in its data in the cloud are not revealed in the event of a data breach, as the data is sensitive and classified. Which data masking technique should the company use to prevent attackers from identifying individuals in the event of a data breach?Anonymization An organization needs to quickly identify the document owner in a shared network folder. Which technique should the organization use to meet this goal?Labeling An organization plans to introduce a new data standard and wants to ensure that system inventory data will be efficiently discovered and processed. Which type of data should the organization use to meet this goal?Structured An organization implemented an information rights management (IRM) solution to prevent critical data from being copied without permission and a cloud backup solution to ensure that the critical data is protected from storage failures. Which IRM challenge will the organization need to address?Replication restrictions A data center engineer is tasked with the destruction of data on solid-state drives (SSDs). The engineer must ensure that the data is not able to be retrieved. Which data destruction action should the engineer take to meet this goal?Crypto-shredding An organization wants to gather and interpret logs from its cloud environment. Which system should the organization use for this task?Security Information and Event Management (SIEM) An organization with a Security Information and Event Management (SIEM) system wants to minimize errors or missed issues due to human log analysis. Which SIEM policy should the organization use in this case?Automated analysis of data sets Which software type allows multiple operating systems to run on the same physical server in a virtualized environment?Hypervisor What is the name of the process of automatically provisioning, configuring, and managing virtual machines and other resources in a virtualized environment?Orchestration

Which cloud computing characteristic allows customers to manage their utilization by only paying for the resources used?Metered service Which cloud deployment model allows customers to take advantage of service and price differences from two or more cloud vendors?Multi-cloud Which cloud consideration refers to the ability of the infrastructure to withstand disruptive events?Resiliency Which technology is used to protect the confidentiality of data from on-path attacks?Transport Layer Security (TLS) Which technology allows cryptographic secrets to be held in a secure way so that they can be recovered by parties who have authorization?Key escrow Which safety control acts as a virtual firewall in cloud environments?Network security group An organization with a single headquarters building in New York City wants to secure its cloud infrastructure so that only users at its offices can administer its cloud resources.Which architectural concept should the organization implement?Geofencing Which business continuity/disaster recovery (BC/DR) term refers to a secure container that contains all the necessary documentation and resources needed to conduct a proper BC/DR response action?Toolkit An organization is planning to store its production data in a public cloud service. While researching the service, the organization discovers that its data will be stored in a proprietary data format that cannot be read by other cloud services. Which cloud risk does this represent?Vendor lock-in A company configures a backup solution that will automatically sync the data between the services of multiple cloud service providers to prevent data redundancy. One concern is that the different service offerings may not have the same level of data protection and may not allow direct syncing between the providers.Which architectural concept addresses this concern?Interoperability Which design pillar represents the ability of a workload to execute its intended function accurately and consistently when it is expected to?Reliability

A cloud customer wants to store application programming interface (API) tokens for their applications so they can be accessed from anywhere. Which cloud provider service should the customer use?Secrets management The Department of Justice (DOJ) assesses options for a new cloud-hosted collaboration solution. What should it use to ensure that the vendors are compliant with the governmental regulations for data management in the United States?Federal Risk and Authorization Management Program (FedRAMP) A European Union (EU) citizen contacts a company doing business in the EU, claiming that its data processing activities are out of compliance with the General Data Protection Regulation (GDPR). The citizen demands that the company stops processing their personal data. What must the company do if it wishes to continue processing this personal data?Demonstrate that this data processing is authorized under approved standards What is used to allow additional functionality such as improved networking or video output for a guest operating system by connecting to an underlying host's hardware?Virtualization toolsets Which concept denotes an advantage of virtualized environments that enable them to achieve high availability?Hardware abstraction Which storage architecture contains nodes that are logically connected rather than physically connected?Loosely coupled clusters Which purpose does an intrusion prevention system (IPS) serve when compared to an intrusion detection system

(IDS)?

An IPS detects and stops malicious traffic, while an IDS detects and alerts about malicious traffic.Which part of a network should a security information and event management (SIEM) suite use to ensure network devices in a software-defined network are properly forwarding traffic?Control plane An analyst needs to scan hosts for misconfigurations and known security threats that could lead to a security incident. Which type of scanner will allow the analyst to check for these types of issues?Vulnerability An organization identified the need to improve the resiliency of a critical IT service to ensure access for its customers. Which information technology service management (ITSM) process should be implemented to ensure the organization meets this goal?Availability management