WGU C838 Managing Cloud Security, Exams of Advanced Education

WGU C838 Managing Cloud Security

Typology: Exams

2025/2026

Available from 05/01/2026

Ngugsben
Data Lifecycle - CORRECT ANSWER ✔✔✔ Create, Store, Use, Share, Archive and Destroy
SDLC - CORRECT ANSWER ✔✔✔ Define, Design, Develop, Test, Secure Operations and Disposal
FIPS 140-2 - CORRECT ANSWER ✔✔✔ NIST Document, describes process for accrediting cryptosystems for US Federal use.
NIST 800-53 - CORRECT ANSWER ✔✔✔ Assures appropriate security requirements for US GOV information management systems.
TCI - CORRECT ANSWER ✔✔✔ Trusted Cloud Initiative reference model, Guide for CSPs to create holistic architecture of DC. Cloud customers can use.
Copyright - CORRECT ANSWER ✔✔✔ Legal protections for expressions of ideas. Movie, song, etc.
-Expires 70 years from author's death or 120 years after first publication of work.
Trademarks - CORRECT ANSWER ✔✔✔ Representations of an organization. Ex: Nike.
-Must register w/ jurisdiction
-R symbol represents registration w/ USPTO
-TM symbol represents registration w/ State Office
-Valid as long as organization uses it
Patents - CORRECT ANSWER ✔✔✔ USPTO, intellectual property (inventions, processes),
-Patents last 20 years from publication
WIPO - CORRECT ANSWER ✔✔✔ World Intellectual Property Organization,
-152 countries
ITAR - CORRECT ANSWER ✔✔✔ International Traffic in Arms Regulations,
-US State Department
-Prohibitions on defense exports including cryptosystems
EAR - CORRECT ANSWER ✔✔✔ Export Administration Regulations,
-US Department of Commerce
-Prohibits export of dual use products (civilian/Military)
Wassenaar Agreement - CORRECT ANSWER ✔✔✔ -Not a binding legal contract

-41 countries
-Let each other know about arms shipments to nonmember nations
SOC 1 - CORRECT ANSWER ✔✔✔ Financial, non IT related SOC report
SOC 2 - CORRECT ANSWER ✔✔✔ SOC 2 TYPE 1: Design of controls in point of time
-Useless
SOC 2 - CORRECT ANSWER ✔✔✔ SOC 2 Type 2: USEFUL IT Security related, How security controls are designed over a range of time
SOC 3 - CORRECT ANSWER ✔✔✔ Public document meant to be shared as an attestation of a CSP's DC by a 3rd party
ISO 27034-1 - CORRECT ANSWER ✔✔✔ Standards for Secure Application Development
-Overview of application security
REST API - CORRECT ANSWER ✔✔✔ Representational State Transfer,
-Low processing overhead
-simple URLs URIs
-Language agnostic
-Scalable
-Output CSV or JSON
Works well when:
-Bandwidth is limited
-Stateless operations
-Caching is required
SOAP - CORRECT ANSWER ✔✔✔ Simple Object Access Protocol,
-Via SMTP, FTP and HTTP
-Standards based
-XML
-Highly tolerant of errors
-Built in error handling
-Slower
Works well when:
-Asynchronous processing

Admin: FDIC Federal Deposit Insurance Corporation FFIEC
Enforcer: FDIC/DFI
SOX - CORRECT ANSWER ✔✔✔ Sarbanes-Oxley Act
-Increase corporate trading transparency to prevent fraud
-CIA: Confidentiality, Integrity and Availability
Admin: SEC
Enforcer: SEC
HIPAA - CORRECT ANSWER ✔✔✔ Health Insurance Portability and Accountability Act
-ePHI electronic and nonelectronic health records confidentiality
Admin: DHHS
Enforcer: OCR Office for Civil Rights
FERPA - CORRECT ANSWER ✔✔✔ Family Educational Rights and Privacy Act
-prevent student data disclosure
Admin: Department of Education
Enforcer: Department of Education Family Policy Compliance Office
DMCA - CORRECT ANSWER ✔✔✔ Digital Millennium Copyright Act
-Copyright provisions in internet age
-enables criminal prosecution of copyright infringement and takedown from websites
No admin or enforcer
CLOUD - CORRECT ANSWER ✔✔✔ Clarifying Lawful Overseas Use of Data
-Allows US law enforcement to compel US companies to disclose data stored in foreign DCs.
-Specifically for cloud systems
Admin: US Federal Courts
Enforcer: US law enforcement agencies
FedRAMP - CORRECT ANSWER ✔✔✔ Federal Risk and Authorization Management Program
-Certification given to CSPs for GOV use of cloud systems (Agencies/Gov Contractors)
GDPR - CORRECT ANSWER ✔✔✔ General Data Protection Regulation
-EU default data protection
-Notice, choice, purpose, access, integrity, security and enforcement
-Can also utilize the Right to be Forgotten
Privacy Shield - CORRECT ANSWER ✔✔✔ For orgs in US to be allowed to collect EU citizens' data.
-Must have privacy shield compliance
-Must register with US federal enforcement agency that admins Privacy Shield
Admin: DoC Department of Commerce/Enforcer: FTC
Admin: DoT Department of Transportation/Enforcer: DoT
Binding Corporate Rules / Standard Contractual Clauses - CORRECT ANSWER ✔✔✔ US orgs that don't want to comply with Privacy Shield but still need to collect data from EU citizens.
-Companies will need to approach every individual EU country they do business with. They need to validate/accept the org's information security policy.
APEC - CORRECT ANSWER ✔✔✔ Asia-Pacific Economic Cooperation
-Not legally binding
ISO 27001 - CORRECT ANSWER ✔✔✔ Holistic overview of entire security program within an Org.
-Top down approach
-Industry agnostic
-Expensive, well regarded document
-Not lawful, but recognized internationally
ISO 27017:2015 - CORRECT ANSWER ✔✔✔ Standard guidelines for information security and use of cloud services and cloud service customers.
ISO 27018:2019 - CORRECT ANSWER ✔✔✔ Code of practice, security techniques for processing PII in cloud services
ISO 27050 - CORRECT ANSWER ✔✔✔ e-discovery
ISO 27043:2015 - CORRECT ANSWER ✔✔✔ Incident investigation principles and processes
ISO 27042:2015 - CORRECT ANSWER ✔✔✔ Guide for digital evidence analysis