WGU D320/CCSP (LATEST) QUESTIONS WITH 100% CORRECT ANSWERS.
The management plane is use to administer a cloud environment and perform administrative tasks across a variety of systems, but most specifically it's used with the hypervisors.
What does the management plane typically leverage for this orchestration?
A. APIs
B. Scripts
C. TLS
D. XML Answer - The management plane uses APIs to execute remote calls across the cloud environment to various management systems, especially hypervisors. This allows a centralized administrative interface, often a web portal, to orchestrate tasks throughout an enterprise. Scripts may be utilized to execute API calls, but they are not used directly to interact with systems. XML is used for data encoding and transmission, but not for executing remote calls. TLS is used to encrypt communications and may be used with API calls, but it is not the actual process for executing commands.
When dealing with PII, which category pertains to those requirements that can carry legal sanctions or penalties for failure to adequately safeguard the data and address compliance requirements?
A. Contractual
B. Jurisdictional
C. Regulated
D. Legal Answer - Regulated PII pertains to data that is outlined in law and regulations. Violations of the requirements for the protection of regulated PII can carry legal sanctions or penalties. Contractual PII involves required data protection that is determined by the actual service contract between the cloud provider and cloud customer, rather than outlined by law. Violations of the provisions of contractual PII carry potential financial or contractual implications, but not legal sanctions. Legal and jurisdictional are similar terms to regulated, but neither is the official term used. Although the united states does not have a single, comprehensive privacy and regulatory framework, a number of specific regulations pertain to types of data or populations.
Which of the following is NOT a regulatory system from the United States federal government?
A. HIPAA
B. SOX
C. FISMA
D. PCI DSS Answer - The Payment Card Industry Data Security Standard (PCI DSS)
pertains to organizations that handle credit card transactions and is an industry-
regulatory standard, not a governmental one. The Sarbanes-Oxley Act (SOX) was passed in 2002 and pertains to financial records and reporting, as well as transparency requirements for shareholders and other stakeholders. The Health Insurance and Portability Act (HIPAA) was passed in 1996 and pertains to data privacy and security for medical records. FISMA refers to the Federal Information Security Management Act of 2002 and pertains to the protection of all US federal government IT systems, with the exception of national security systems.
The president of your company has tsked you with implementing cloud services as the most efficient way of obtaining a robust disaster recovery configuration for your production services. Which of the cloud deployment models would you MOST likely be exploring?
A. Hybrid
B. Private
C. Community
D. Public Answer - A hybrid cloud model spans two more different hosting configurations or cloud providers. This would enable an organization to continue using its current hosting configuration, while adding additional cloud services to enable disaster recovery capabilities. The other cloud deployment models--public, private, and community--would not be applicable for seeking a disaster recovery configuration where cloud services are to be leveraged for that purpose rather than production service hosting.
If you are running an application that has strict legal requirements that the data cannot reside on systems that contain other applications or systems, which aspect of
cloud computing would be prohibitive in this case?
A. Multitenancy
B. Broad network access
C. Portability
D. Elasticity Answer - Multitenancy is the aspect of cloud computing that involves having multiple customers and applications running within the same system and sharing the same resources. Although considerable mechanisms are in place to ensure isolation and separation, the data and applications are ultimately using shared resources. Broad network access refers to the ability to access cloud services from any location or client. Portability refers to the ability to easily move cloud services between different cloud providers, whereas elasticity refers to the capabilities of a cloud environment to add or remove services, as needed, to meet current demand.
The REST API is a widely used standard for communications of web-based services between clients and the servers hosting them.
Which protocol does the REST API depend on?
A. HTTP
B. SSH
C. SAML
D. XML Answer - Representational State Transfer (REST) is a software architectural scheme that applies the components, connectors, and data conduits for many web applications used on the Internet. It uses and relies on the HTTP protocol and supports a variety of data formats. Extensible Markup Language (XML) and Security Assertion Markup Language (SAML) are both standards for exchanging encoded data between two parties, with XML being for more general use and SAML focused on authentication and authorization data. Secure Shell client (SSH) is a secure method for allowing remote login to systems over a network.
Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?
A. Modify data
B. Modify metadata
C. New data
D. Import data Answer - Modifying the metadata does not change the actual data. Although this initial phase is called "create", it can also refer to modification. In essence, any time data is considered "new", it is in the create phase. This can come from data that is newly created, data that is imported into a system and is new to that
system, or data that is already present and is modified into a new form or value.
Most APIs will support a variety of different data formats or structures.
However, the SOAP API will only support which one of the following data formats?
A. XML
B. XSLT
C. JSON
D. SAML Answer - The Simple Object Access Protocol (SOAP) protocol only supports the Extensible Markup Language (XML) data format. Although the other options are all data formats or data structures, they are not supported by SOAP
Which cloud storage type is typically used to house virtual machine images that are used throughout the environment? A. Structured B. Unstructured C. Volume D. Object Answer - Object storage is typically used to house virtual machine images because it is independent from other systems and is focused solely on storage. It is also the most appropriate for handling large individual files. Volume storage, because it is allocated to a specific host, would not be appropriate for the storing of virtual images. Structured and unstructured are storage types specific to PaaS and would not be used for storing items used throughout a cloud environment.
With an API, various features and optimizations are highly desirable to scalability, reliability, and security. What does the REST API support that the SOAP API does NOT support?
A. Acceleration
B. Caching
C. Redundancy
D. Encryption Answer - The Simple Object Access Protocol (SOAP) does not support caching, whereas the Representational State Transfer (REST) API does. The other options are all capabilities that are either not supported by SOAP or not supported by any API and must be provided by external features.
Although much of the attention given to data security is focused on keeping data private and only accessible by authorized individuals, of equal importance is the trustworthiness of the data.
Which concept encapsulates this?
A. Validity
B. Integrity
C. Accessibility
D. Confidentiality Answer - Integrity refers to the trustworthiness of data and whether
its format and values are true and have not been corrupted or otherwise altered through unauthorized means. Confidentiality refers to keeping data from being accessed or viewed by unauthorized parties. Accessibility means that data is available and ready when needed by a user or service. Validity can mean a variety of
things that are somewhat similar to integrity, but it's not the most appropriate answer in this case.
Three central concepts define what type of data and information an organization is responsible for pertaining to eDiscovery.
Which of the following are the three components that comprise required disclosure?
A. Possession, ownership, control
B. Ownership, use, creation
C. Control, custody, use
D. Possession, custody, control Answer - Data that falls under the pruview of an eDiscovery requres is that which is in the possession, custody, or control of the organization. Although this is an easy concept in traditional data center, it can be difficult to distinguish who acctually possesses and controls the data in a cloud environment due to multitenancy and resource pooling controls the data in a cloud environment due to multitenancy and resource pooling. Although these options provide similar-sounding terms, they are ultimately incorrect.