Question 1

Which tool provides a dedicated environment to contain and analyze malware?

Accepted Answer

C

Explanation: A sandbox is a security mechanism specifically designed to provide an isolated and controlled environment for executing untrusted code. This containment prevents potentially malicious software from accessing or affecting the host operating system, network, or other applications. Security analysts use sandboxes to safely run and observe malware, analyzing its behavior—such as network connections, file system modifications, and registry changes—without risking damage to production systems. This process is a cornerstone of dynamic malware analysis.

Question 2

As part of training to help the data center engineers understand different attack vectors that affect
the infrastructure, they work on a set of information about access and availability attacks that was
presented. Part of the labs requires the engineers to identify different threat vectors and their
names. Which threat prohibits the use of data by preventing access to it?

Accepted Answer

D

Explanation: A Denial of Service (DoS) attack is specifically designed to make a machine, network, or service unavailable to its intended users. The primary goal is to disrupt the availability of the resource by overwhelming it with superfluous requests or by sending it information that triggers a crash. This directly aligns with the definition provided in the question, which is a threat that "prohibits the use of data by preventing access to it." DoS attacks are a direct assault on the 'Availability' component of the Confidentiality, Integrity, and Availability (CIA) security triad.

Question 3

Which role in cloud computing provides products or services that interact with the primary offering of a cloud service provider?

Accepted Answer

B

Explanation: A cloud service partner is an organization that establishes a business relationship with a cloud service provider (CSP) to offer products or services that augment, integrate with, or are built upon the CSP's primary offerings. These partners extend the capabilities of the core cloud platform by providing specialized software (e.g., security tools, databases), professional services (e.g., migration, managed services), or hardware. Their role is to create a richer ecosystem around the CSP's services, providing additional value to the end customers. This directly matches the description of providing products that interact with the primary offering.

Question 4

Which security concept requires continuous identity and authorization checks to allow access to data?

Accepted Answer

B

Explanation: The Zero Trust security model is founded on the principle of "never trust, always verify." It eliminates the outdated concept of a trusted internal network and an untrusted external network. Instead, it requires that all users, whether inside or outside the organization’s network, be continuously authenticated, authorized, and validated before being granted or keeping access to applications and data. This involves strict identity verification and authorization checks for every single access request, ensuring that trust is never implicit and access is granted on a least-privilege, need-to-know basis.

Question 5

An organization is sharing personal information that is defined in its privacy policy with a trusted
third party. What else should the organization communicate to the trusted third party about the
personal information?

Accepted Answer

D

Explanation: When an organization (the data controller) shares personal information with a third party (the data processor), it retains accountability for the protection of that data. To fulfill this responsibility, the organization must provide the third party with clear, explicit instructions on how the data is to be handled. This is accomplished by sharing its privacy policy and associated handling practices. This communication ensures the third party understands the specific requirements for data processing, storage, security, and disposal, thereby contractually obligating them to uphold the same privacy commitments the organization has made to its users.

Question 6

Which business area in the enterprise risk management (ERM) strategy is concerned with formal risk assessments when forming new or renewing existing vendor relationships?

Accepted Answer

B

Explanation: The procurement department is fundamentally responsible for the entire lifecycle of vendor and supplier relationships, from initial sourcing and vetting to contracting, performance management, and renewal. Within an Enterprise Risk Management (ERM) framework, conducting formal risk assessments is a critical due diligence step managed by procurement. This process evaluates potential financial, operational, compliance, and security risks associated with a third party before entering into or renewing a business relationship. This function is central to managing an organization's supply chain and third-party risk exposure, making it the correct business area concerned with these formal assessments.

Question 7

An organization’s leadership team gathered managers and key team members in each division to
help create a disaster recovery plan. They realize they lack a complete understanding of the
infrastructure and software needed to formulate the plan. Which action should they take to correct
this issue?

Accepted Answer

D

Explanation: The organization's stated problem is a lack of a "complete understanding of the infrastructure and software." The foundational step to address this gap is to perform a comprehensive inventory of all hardware, software, and data assets. This inventory is a prerequisite for all subsequent disaster recovery (DR) planning activities, such as conducting a business impact analysis (BIA), identifying critical systems, and developing recovery strategies. Without a detailed asset inventory, it is impossible to formulate an accurate or effective DR plan because the scope of what needs to be recovered is unknown.

Question 8

Which tool should a developer use to describe the requirements they have gathered for a code improvement they are tasked with making as part of a current release?

Accepted Answer

B

Explanation: In Agile software development methodologies, which are central to modern cloud application lifecycles, "User Stories" are the standard tool for describing requirements. A user story is a concise, informal description of a feature or improvement from the end-user's perspective. It captures the "who," "what," and "why" of a requirement without delving into technical implementation details. This makes it the ideal artifact for a developer to articulate the requirements they have gathered for a specific code improvement task within a release cycle, ensuring clarity and alignment with user needs.

Question 9

Which term refers to taking an accurate account of a system's desired standard state so changes can be quickly detected for approval or remediation?

Accepted Answer

A

Explanation: Baselining is the process of establishing and documenting a known, trusted, and secure state for a system or network. This "baseline" serves as a reference point. By continuously monitoring the system against this baseline, any deviations or changes can be quickly identified. This allows security teams to investigate whether a change was authorized (e.g., an approved patch) or unauthorized (e.g., malicious activity), enabling proper approval or remediation actions. This practice is a fundamental component of configuration management and security monitoring.

Question 10

Which U.S. law requires all publicly traded corporations in the United States to provide information
about their financial status and implements controls to ensure the accuracy of the disclosed
information?

Accepted Answer

C

Explanation: The Sarbanes-Oxley (SOX) Act of 2002 is a United States federal law enacted in response to major corporate and accounting scandals. Its primary purpose is to protect investors by improving the accuracy, reliability, and transparency of corporate financial disclosures. SOX mandates that the management of publicly traded companies establish, assess, and report on the effectiveness of their internal controls over financial reporting (ICFR). This includes controls over the information technology systems that store and process financial data, making IT and cloud security controls a critical component of SOX compliance.

Question 11

An organization designing a data center wants the ability to quickly create and shut down virtual systems based on demand. Which concept describes this capability?

Accepted Answer

C

Explanation: Ephemeral computing describes a model where virtual systems or computing instances are designed to be transient, existing only for a short period. This concept directly aligns with the requirement to quickly create (provision) and shut down (de-provision) systems based on real-time demand. These short-lived instances are spun up to perform a specific task or handle a temporary load and are then destroyed, optimizing resource utilization and cost. This is a foundational principle for modern cloud-native architectures, including containers and serverless functions.

Question 12

An engineer has been given the task of ensuring all of the keys used to encrypt archival data are
securely stored according to industry standards. Which location is a secure option for the engineer to
store encryption keys for decrypting data?

Accepted Answer

B

Explanation: Key escrow is an industry-standard practice for the secure storage and recovery of cryptographic keys. A fundamental security principle is to store encryption keys in a location that is logically and/or physically separate from the encrypted data. This separation ensures that a single security breach of the data storage environment does not also compromise the keys needed to decrypt that data, thereby preserving confidentiality. This method provides a robust mechanism for key recovery and long-term archival security.

Question 13

An internal developer deploys a new customer information system at a company. The system has an
updated graphical interface with new fields. Which type of functional testing ensures that the
graphical interface used by employees to input customer data behaves as the employees need it to?

Accepted Answer

D

Explanation: Acceptance testing, specifically User Acceptance Testing (UAT), is the final phase of functional testing where the system is validated by its intended end-users. In this scenario, employees test the new customer information system to confirm that its graphical interface and functionality meet their specific business needs and requirements for data entry. This process ensures the system is "fit for purpose" from the user's perspective before it is formally accepted and moved into production. It directly addresses whether the system behaves as the employees need it to.

Question 14

Which testing standard is currently used to guide Service Organization Control (SOC) audits outside the United States?

Accepted Answer

D

Explanation: The International Standard on Assurance Engagements (ISAE) 3402, "Assurance Reports on Controls at a Service Organization," is the standard used for Service Organization Control (SOC) audits conducted outside the United States. It was developed by the International Auditing and Assurance Standards Board (IAASB) to provide an international equivalent to the American standard. ISAE 3402 enables service organizations to provide an independent auditor's report on their control environment to clients and their auditors, regardless of geographical location, ensuring a global standard for such assurance engagements.

Question 15

As part of an e-discovery process, an employee needs to identify all documents that contain a specific phrase. Which type of discovery method should the employee use to identify these documents?

Accepted Answer

B

Explanation: Content-based discovery is the method used to search the actual data within files, such as the body of an email or the text of a document. The employee's task is to find a "specific phrase," which requires a full-text index search of the documents' content. This method directly inspects the substance of the files to identify those that contain the relevant keywords or phrases, making it the appropriate choice for this e-discovery requirement.

Free WGU Managing-Cloud-Security Actual Exam Questions