WGU Updated Managing-Cloud-Security Exam Questions and Answers by adelaide

Agile is an iterative software development methodology designed to prioritize customer satisfaction, adaptability, and incremental delivery. Agile teams deliver small, working pieces of software frequently, ensuring feedback is incorporated throughout the process. This flexibility allows late-stage requirement changes to be accommodated without derailing the project.

Waterfall is a sequential approach with limited flexibility. Spiral combines iterative development with risk analysis, but it is not as customer-focused as Agile. Lean emphasizes efficiency and waste reduction but does not center on continuous delivery and adaptability.

Agile frameworks such as Scrum and Kanban embody this philosophy, supporting faster innovation, better collaboration, and responsiveness to evolving business needs.

Functional testing validates that new or updated code performs correctly from the end user’s perspective. This type of testing ensures that the patch delivers intended results without introducing errors. It focuses on verifying user interactions, workflows, and outputs.

Full testing may cover all aspects, but it is broader than necessary. Nonfunctional testing evaluates performance, scalability, or usability, not direct functionality. Tabletop testing is a discussion-based exercise, often used for incident response.

Functional testing ensures customer satisfaction by aligning patches with expected system behavior. It is a core component of Agile and DevOps pipelines, where user experience and rapid delivery are prioritized.

The Health Insurance Portability and Accountability Act (HIPAA) defines requirements for the electronic transfer of healthcare data to a cloud service provider. Managing Cloud documentation explains that HIPAA governs the protection, transmission, and storage of protected health information (PHI).

HIPAA establishes administrative, technical, and physical safeguards to ensure confidentiality, integrity, and availability of healthcare data. When healthcare organizations use cloud services, both the organization and the cloud provider must ensure compliance with HIPAA requirements.

The other regulations do not apply to healthcare data transfer. Stark Law addresses physician self-referral, the Healthcare Quality Improvement Law focuses on peer review, and GLBA applies to financial institutions. Therefore, HIPAA is the correct answer.

During the containment, eradication, and recovery phase of the incident response lifecycle, immediate action is taken to limit damage, remove the threat, and restore normal operations. Managing Cloud guidance explains that isolating affected systems is a key containment activity.

Taking systems offline prevents attackers from continuing malicious activity, stops further data loss, and allows remediation to occur safely. Once contained, systems can be cleaned, patched, restored from backups, and securely returned to service.

Validating alerts occurs during detection and analysis, identifying training needs belongs to lessons learned, and building a timeline of attack supports forensic analysis. Therefore, taking systems offline is the correct countermeasure in this phase.