



















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
COMPREHENSIVE PRACTICE WGU D320 MANAGING CLOUD SECURITY CCSP OBJECTIVE ASSESSMENT (OA) EXAM QUESTIONS WITH DETAILED- VERIFIED ANSWERS- ALREADY GRADED A+ || NEWEST EXAM Cloud Security / Information Security / Professional Certification Exam coverage: - • Cloud Concepts, Architecture, and Design – Understand cloud computing concepts, architecture, design, and security principles • Cloud Data Security – Understand cloud data lifecycle, data storage, and data protection strategies • Cloud Platform and Infrastructure Security – Understand cloud infrastructure components and security controls • Cloud Application Security – Understand secure cloud application development and deployment • Cloud Security Operations – Understand security operations in the cloud, including incident response and business continuity • Legal, Risk, and Compliance – Understand legal requirements, risk management, and compliance in cloud environments
Typology: Exams
1 / 91
This page cannot be seen from the preview
Don't miss anything!




















































































Cloud Security / Information Security / Professional Certification Exam coverage: -
applications, without the cloud provider controlling or managing the underlying infrastructure? A. Software as a Service (SaaS) B. Platform as a Service (PaaS) C. Infrastructure as a Service (IaaS) D. Function as a Service (FaaS) Correct answer: C Rationale : Infrastructure as a Service (IaaS) provides the customer with the ability to deploy and run arbitrary software, including operating systems and applications, without the cloud provider controlling or managing the underlying infrastructure. This gives customers the most control over their computing resources. Question 2 Which deployment model involves a cloud infrastructure that is provisioned for exclusive use by a single organization comprising multiple consumers? A. Public cloud B. Private cloud C. Community cloud D. Hybrid cloud
Which cloud service model provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure? A. Software as a Service (SaaS) B. Platform as a Service (PaaS) C. Infrastructure as a Service (IaaS) D. Anything as a Service (XaaS) Correct answer: B Rationale : Platform as a Service (PaaS) provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. Question 5 What is the primary security benefit of a private cloud deployment model over a public cloud model? A. Lower cost B. Increased scalability C. Greater control over security and compliance D. Faster deployment times
Correct answer: C Rationale : The primary security benefit of a private cloud over a public cloud is greater control over security and compliance. The organization has full control over the infrastructure, security controls, and data governance policies. Question 6 A hybrid cloud combines which of the following? A. Two or more public clouds B. Two or more private clouds C. A public cloud and a private cloud D. A community cloud and a public cloud Correct answer: C Rationale : A hybrid cloud is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability. Question 7 Which of the following is an example of a community cloud deployment model?
Rationale : Multi-tenancy is an architecture where a single instance of software serves multiple customers (tenants). Each tenant's data is isolated and remains invisible to other tenants. Question 9 Which of the following is a key principle of cloud security architecture? A. Defense in depth B. Single point of failure C. Minimal redundancy D. Perimeter-only security Correct answer: A Rationale : Defense in depth is a key principle of cloud security architecture. It involves layering multiple security controls (administrative, technical, and physical) to protect data and systems. Question 10 In the context of cloud computing, "rapid elasticity" refers to: A. The ability to quickly scale resources up or down B. The ability to quickly deploy new applications C. The ability to quickly recover from failures
D. The ability to quickly encrypt data Correct answer: A Rationale : Rapid elasticity is the ability to quickly scale resources up or down based on demand. This is one of the five essential characteristics of cloud computing according to NIST. Question 11 Which cloud reference model describes the shared responsibility between the cloud provider and the cloud customer? A. CSA Cloud Controls Matrix B. NIST SP 800- 145 C. Shared Responsibility Model D. Cloud Security Alliance Guidance Correct answer: C Rationale : The Shared Responsibility Model defines which security responsibilities are handled by the cloud provider and which are handled by the cloud customer. The division of responsibility varies based on the service model (IaaS, PaaS, SaaS). Question 12
Rationale : In the SaaS model, the cloud provider is responsible for the security of the infrastructure, platform, and application. The customer is typically responsible for data classification, user access management, and application configuration. Question 14 Which of the following is an example of "measured service" in cloud computing? A. Pay-per-use billing B. On-demand self-service C. Resource pooling D. Broad network access Correct answer: A Rationale : Measured service refers to the ability of the cloud provider to meter the usage of resources and charge customers based on consumption. Pay-per-use billing is a common example. Question 15 What is the primary difference between a virtual machine and a container? A. Containers include a full operating system; virtual machines do not
B. Virtual machines include a full operating system; containers share the host OS kernel C. Virtual machines are more portable than containers D. Containers are less efficient than virtual machines Correct answer: B Rationale : Virtual machines include a full guest operating system, while containers share the host OS kernel. This makes containers more lightweight, efficient, and portable than virtual machines. Question 16 Which cloud service model is most likely to abstract the underlying infrastructure completely from the customer? A. Infrastructure as a Service (IaaS) B. Platform as a Service (PaaS) C. Software as a Service (SaaS) D. Bare Metal as a Service (BMaaS) Correct answer: C Rationale : SaaS abstracts the underlying infrastructure completely from the customer. The customer accesses the application via a web browser or API and has no visibility into or control over the infrastructure.
Correct answer: A Rationale : A cloud security reference architecture provides a standardized framework for securing cloud environments. It defines the security controls, policies, and technologies needed to protect cloud resources. Question 19 Which of the following is a responsibility of the cloud customer in the IaaS service model? A. Physical security of data centers B. Management of the hypervisor C. Management of the operating system and applications D. Management of the network infrastructure Correct answer: C Rationale : In the IaaS service model, the cloud customer is responsible for managing the operating system, applications, and data. The cloud provider is responsible for the physical infrastructure, network, and virtualization layer. Question 20 What is "serverless computing" in the context of cloud services?
A. A model where the cloud provider manages the servers and the customer pays only for the resources consumed B. A model where there are no physical servers C. A model where the customer does not need to manage servers D. Both A and C Correct answer: D Rationale : Serverless computing is a model where the cloud provider manages the servers and the customer pays only for the resources consumed. The customer does not need to manage or provision servers. Question 21 Which of the following cloud deployment models offers the highest level of data privacy and control? A. Public cloud B. Private cloud C. Community cloud D. Hybrid cloud Correct answer: B
D. Auto-scaling Correct answer: A Rationale : Identity and Access Management (IAM) is a key component of cloud security architecture. It controls who can access cloud resources and what actions they can perform. Question 24 What is the purpose of a cloud service level agreement (SLA)? A. To define the quality and availability of cloud services B. To set the pricing for cloud services C. To outline the marketing strategy for cloud services D. To specify the hardware requirements for cloud deployment Correct answer: A Rationale : A cloud SLA defines the quality and availability of cloud services, including uptime guarantees, performance metrics, and penalties for non- compliance. Question 25 Which of the following is a characteristic of a community cloud?
A. It is open to the general public B. It is used by a single organization C. It is shared by several organizations with common concerns D. It is a combination of public and private clouds Correct answer: C Rationale : A community cloud is shared by several organizations with common concerns, such as security requirements, compliance obligations, or mission objectives. Question 26 Which cloud service model provides the customer with the least amount of control over the underlying infrastructure? A. Infrastructure as a Service (IaaS) B. Platform as a Service (PaaS) C. Software as a Service (SaaS) D. Function as a Service (FaaS) Correct answer: C
D. Auto-scaling Correct answer: A Rationale : Data encryption is a key security control in a cloud environment. It protects data at rest and in transit from unauthorized access. Question 29 What is the role of the cloud provider in the shared responsibility model for PaaS? A. The provider is responsible for everything B. The provider is responsible for the infrastructure and platform C. The provider is responsible for the application and data D. The provider has no responsibility Correct answer: B Rationale : In the PaaS service model, the cloud provider is responsible for the infrastructure and platform, while the customer is responsible for the application and data. Question 30
Which of the following is a benefit of cloud computing from a security perspective? A. Centralized security management B. Increased complexity C. Reduced visibility D. Loss of control Correct answer: A Rationale : Centralized security management is a benefit of cloud computing from a security perspective. Cloud providers offer centralized tools for monitoring, managing, and enforcing security policies. Domain 2: Cloud Data Security (Questions 31–55) Question 31 Which of the following is a key component of the cloud data lifecycle? A. Create, Store, Use, Share, Archive, Destroy B. Create, Store, Use, Share, Backup, Destroy C. Create, Store, Use, Share, Encrypt, Destroy D. Create, Store, Use, Share, Monitor, Destroy Correct answer: A