OA Exams

  • November 28, 2024

Question 41

Which technology is used to prevent unauthorized devices from accessing a cloud network?

A. VPN
B. NAC
C. IDS
D. WAF

Correct Answer: B. NAC

Explanation: Network Access Control (NAC) prevents unauthorized devices from accessing a cloud network. VPN secures remote access, IDS detects unauthorized access, and WAF protects web applications.

Question 42

What is the primary purpose of a sandbox in cloud security?

A. Encrypting sensitive data
B. Isolating environments for testing and development
C. Managing access control
D. Ensuring compliance with regulations

Correct Answer: B. Isolating environments for testing and development

Explanation: A sandbox isolates environments for testing and development to prevent potential security issues from affecting production systems. Encryption, access control, and compliance are handled by other controls.

Question 43

Which risk management process involves evaluating the impact and likelihood of risks in a cloud environment?

A. Risk Transference
B. Risk Mitigation
C. Risk Assessment
D. Risk Acceptance

Correct Answer: C. Risk Assessment

Explanation: Risk Assessment involves evaluating the impact and likelihood of risks in a cloud environment. Risk Transference, Mitigation, and Acceptance are strategies for managing risks after assessment.

Question 44

Which type of encryption is most commonly used to secure data during its transmission over the internet?

A. Disk Encryption
B. Homomorphic Encryption
C. SSL/TLS
D. Symmetric Encryption

Correct Answer: C. SSL/TLS

Explanation: SSL/TLS is commonly used to encrypt data during transmission over the internet. Disk Encryption protects data at rest, Homomorphic Encryption allows data processing while encrypted, and Symmetric Encryption is a general encryption method.

Question 45

What is the role of Multi-Factor Authentication (MFA) in cloud security?

A. Managing system performance
B. Encrypting data at rest
C. Preventing unauthorized access
D. Monitoring network traffic

Correct Answer: C. Preventing unauthorized access

Explanation: MFA helps prevent unauthorized access by requiring multiple forms of verification. Performance management, data encryption, and network traffic monitoring are separate controls.

Question 46

Which type of risk analysis ranks risks based on subjective factors such as impact and likelihood?

A. Quantitative Risk Analysis
B. Qualitative Risk Analysis
C. Scenario Analysis
D. Business Impact Analysis

Correct Answer: B. Qualitative Risk Analysis

Explanation: Qualitative Risk Analysis ranks risks based on subjective factors like impact and likelihood. Quantitative Risk Analysis uses numerical estimates, Scenario Analysis explores different risk scenarios, and Business Impact Analysis assesses the impact on business function

Question 47

Which regulation in the U.S. requires financial institutions to protect customer data?

A. HIPAA
B. GDPR
C. GLBA
D. SOX

Correct Answer: C. GLBA

Explanation: The Gramm-Leach-Bliley Act (GLBA) requires U.S. financial institutions to protect customer data. HIPAA governs healthcare data, GDPR protects personal data in the EU, and SOX focuses on corporate governance.

Question 48

Which cloud computing service model provides the customer with control over the operating system but not the hardware?

A. SaaS
B. PaaS
C. IaaS
D. Public Cloud

Correct Answer: C. IaaS

Explanation: IaaS (Infrastructure as a Service) allows the customer to control the operating system but not the underlying hardware. SaaS and PaaS offer more managed services, while Public Cloud is a deployment model.

Question 49

What does the principle of Data Minimization under GDPR require organizations to do?

A. Ensure data accuracy
B. Encrypt all personal data
C. Collect only necessary data
D. Notify individuals in the event of a breach

Correct Answer: C. Collect only necessary data

Explanation: Data Minimization requires organizations to collect only the data necessary for specific purposes. Accuracy, encryption, and breach notification are governed by other GDPR principles.

Question 50

Which risk management strategy involves reducing the likelihood or impact of a risk through security controls?

A. Risk Acceptance
B. Risk Mitigation
C. Risk Avoidance
D. Risk Transference

Correct Answer: B. Risk Mitigation

Explanation: Risk Mitigation involves reducing the likelihood or impact of a risk through security controls. Risk Acceptance involves tolerating the risk, Risk Avoidance eliminates the risk, and Risk Transference shifts it to another party.
