Advance Your Career by Using Online 312-40 Dumps

1. 1.Ray Nicholson works as a senior cloud security engineer in TerraCloud Sec Pvt. Ltd. His organization deployed all applications in a cloud environment in various virtual machines. Using IDS, Ray identified that an attacker compromised a particular VM. He would like to limit the scope of the incident and protect other resources in the cloud.

If Ray turns off the VM, what will happen?

2. Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider.

Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom's organization?

3. TetraSoft Pvt. Ltd. is an IT company that provides software and application services to numerous customers across the globe. In 2015, the organization migrated its applications and data from on-premises to the AWS cloud environment. The cloud security team of TetraSoft Pvt. Ltd. suspected that the EC2 instance that launched the core application of the organization is compromised. Given below are randomly arranged steps involved in the forensic acquisition of an EC2 instance.

In this scenario, when should the investigators ensure that a forensic instance is in the terminated state?

4. An organization wants to securely connect to the AWS environment with a speed of 20 Gbps directly through its data centers, branch offices, and colocation facilities to ensure that its customers can securely access public (objects stored in Amazon S3) and private (limited access features such as VPC) resources by bypassing the internet service providers in the path.

Which of the following AWS services can be helpful for the organization?

5. SevocSoft Private Ltd. is an IT company that develops software and applications for the banking sector. The security team of the organization found a security incident caused by misconfiguration in Infrastructure-as-Code (laC) templates. Upon further investigation, the security team found that the server configuration was built using a misconfigured laC template, which resulted in security breach and exploitation of the organizational cloud resources.

Which of the following would have prevented this security breach and exploitation?

6. Shell Solutions Pvt. Ltd. is an IT company that develops software products and services for BPO companies. The organization became a victim of a cybersecurity attack. Therefore, it migrated its applications and workloads from on-premises to a cloud environment. Immediately, the organization established an incident response team to prevent such incidents in the future. Using intrusion detection system and antimalware software, the incident response team detected a security incident and mitigated the attack. The team recovered the resources from the incident and identified various vulnerabilities and flaws in their cloud environment.

Which step of the incident response lifecycle includes the lessons learned from previous attacks and analyzes and documents the incident to understand what should be improved?

7. James Harden works as a cloud security engineer in an IT company. James' organization has adopted a RaaS architectural model in which the production application is placed in the cloud and the recovery or backup target is kept in the private data center.

Based on the given information, which RaaS architectural model is implemented in James' organization?

8. Terry Diab has an experience of 6 years as a cloud security engineer. She recently joined a multinational company as a senior cloud security engineer. Terry learned that there is a high probability that her organizational applications could be hacked and user data such as passwords, usernames, and account information can be exploited by an attacker. The organizational applications have not yet been hacked, but this issue requires urgent action. Therefore, Terry, along with her team, released a software update that is designed to resolve this problem instantly with a quick-release procedure. Terry successfully fixed the problem (bug) in the software product immediately without following the normal quality assurance procedures. Terry's team resolved the problem immediately on the live system with zero downtime for users.

Based on the given information, which of the following type of update was implemented by Terry?

9. The e-commerce platform www.evoucher.com observes overspending 15% to 30% due to unawareness of the mistakes in threat detection and security governance while using the services of its cloud provider AWS. It feels it requires a well-thought-out roadmap to improve its cloud journey.

How can the company accelerate its cloud journey with desired outcomes and business value?

10. Securelnfo Pvt. Ltd. has deployed all applications and data in the AWS cloud. The security team of this organization would like to examine the health of the organization's website regularly and switch (or failover) to a backup site if the primary website becomes unresponsive.

Which of the following AWS services can provide DNS failover capabilities and health checks to ensure the availability of the organization's website?

11. Rebecca Gibel has been working as a cloud security engineer in an IT company for the past 5 years. Her organization uses cloud-based services. Rebecca's organization contains personal information about its clients, which is encrypted and stored in the cloud environment. The CEO of her organization has asked Rebecca to delete the personal information of all clients who utilized their services between 2011 and 2015. Rebecca deleted the encryption keys that are used to encrypt the original data; this made the data unreadable and unrecoverable.

Based on the given information, which deletion method was implemented by Rebecca?

12. An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory.

In this scenario, which standard is applicable for cloud security auditing that enables the management of customer data?

13. Georgia Lyman works as a cloud security engineer in a multinational company. Her organization uses cloud-based services. Its virtualized networks and associated virtualized resources encountered certain capacity limitations that affected the data transfer performance and virtual server communication.

How can Georgia eliminate the data transfer capacity thresholds imposed on a virtual server by its virtualized environment?

14. Teresa Palmer has been working as a cloud security engineer in a multinational company. Her organization contains a huge amount of data; if these data are transferred to AWS S3 through the internet, it will take weeks. Teresa's organization does not want to spend money on upgrading its internet to a high-speed internet connection. Therefore, Teresa has been sending large amounts of backup data (terabytes to petabytes) to AWS from on-premises using a physical device, which was provided by Amazon. The data in the physical device are imported and exported from and to AWS S3 buckets. This method of data transfer is cost-effective, secure, and faster than the internet for her organization. Based on the given information, which of the following AWS services is being used by Teresa?

15. Samuel Jackson has been working as a cloud security engineer for the past 12 years in VolkSec Pvt. Ltd., whose applications are hosted in a private cloud. Owing to the increased number of users for its services, the organizations is finding it difficult to manage the on-premises data center. To overcome scalability and data storage issues, Samuel advised the management of his organization to migrate to a public cloud and shift the applications and data. Once the suggestion to migrate to public cloud was accepted by the management, Samuel was asked to select a cloud service provider. After extensive research on the available public cloud service providers, Samuel made his recommendation. Within a short period, Samuel along with his team successfully transferred all applications and data to the public cloud. Samuel's team would like to configure and maintain the platform, infrastructure, and applications in the new cloud computing environment.

Which component of a cloud platform and infrastructure provides tools and interfaces to Samuel's team for configuring and maintaining the platform, infrastructure, and application?

16. A large e-commerce company named ShopZone uses GCP to host its online store. Recently, the company noticed several errors reported by customers while trying to make purchases on their website. They suspect that there may be some issue with the payment processing system. To investigate this issue, the cloud forensic team of the company decided to look at the logs for the payment processing system and identify anomalies that may be causing the problem.

Which of the following GCP log categories helps the team gain the relevant information?

17. Scott Herman works as a cloud security engineer in an IT company. His organization has

deployed a 3-tier web application in the same Google Cloud Virtual Private Cloud. Each tier (web interface (UI), API, and database) is scaled independently of others. Scott Herman obtained a requirement that the network traffic should always access the database using the API and any request coming directly from the web interface to the database should not be allowed.

How should Scott configure the network with minimal steps?

18. Global CloudEnv is a cloud service provider that provides various cloud-based services to cloud consumers. The cloud service provider adheres to the framework that can be used as a tool to systematically assess cloud implementation by providing guidance on the security controls that should be implemented by specific actors within the cloud supply chain. It is used as the standard to assess the security posture of organizations on the Security, Trust, Assurance, and Risk (STAR) registry.

Based on the given information, which of the following cybersecurity control frameworks does Global CloudEnv adhere to?

19. Rick Warren has been working as a cloud security engineer in an IT company for the past 4 years. Owing to the robust security features and various cost-effective services offered by AWS, in 2010, his organization migrated to the AWS cloud environment. While inspecting the intrusion detection system, Rick detected a security incident.

Which of the following AWS services collects logs from various data sources and stores them on a centralized location as logs files that can be used during forensic investigation in the event of a security incident?

20. GlobalCloud is a cloud service provider that offers various cloud-based secure and cost-effective services to cloud consumers. The customer base of this organization increased within a short period; thus, external auditing was performed on GlobalCloud. The auditor used spreadsheets, databases, and data analyzing software to analyze a large volume of data.

Based on the given information, which cloud-based audit method was used by the auditor to collect the objective evidence?

21. The cloud administrator John was assigned a task to create a different subscription for each division of his organization. He has to ensure all the subscriptions are linked to a single

Azure AD tenant and each subscription has identical role assignments.

Which Azure service will he make use of?

22. Thomas Gibson is a cloud security engineer who works in a multinational company. His organization wants to host critical elements of its applications; thus, if disaster strikes, applications can be restored quickly and completely. Moreover, his organization wants to achieve lower RTO and RPO values.

Which of the following disaster recovery approach should be adopted by Thomas' organization?

23. An organization is developing a new AWS multitier web application with complex queries and table joins.

However, because the organization is small with limited staff, it requires high availability.

Which of the following Amazon services is suitable for the requirements of the organization?

24. Shannon Elizabeth works as a cloud security engineer in VicPro Soft Pvt. Ltd. Microsoft Azure provides all cloud-based services to her organization. Shannon created a resource group (ProdRes), and then created a virtual machine (myprodvm) in the resource group. On myprodvm virtual machine, she enabled JIT from the Azure Security Center dashboard.

What will happen when Shannon enables JIT VM access?

25. Scott Herman works as a cloud security engineer in an IT company located in Ann Arbor, Michigan. His organization uses Office 365 Business Premium that provides Microsoft Teams, secure cloud storage, business email, premium Office applications across devices, advanced cyber threat protection, and device management.

Which of the following cloud computing service models does Microsoft Office 365 represent?

26. On database system of a hospital maintains rarely-accessed patients' data such as medical records including high-resolution images of ultrasound reports, MRI scans, and X-Ray reports for years. These records occupy a lot of space and need to be kept safe as it contains sensitive medical data.

Which of the following Azure storage services best suitable for such rarely-accessed data with flexible latency requirement?

27. Georgia Lyman is a cloud security engineer; she wants to detect unusual activities in her organizational Azure account. For this, she wants to create alerts for unauthorized activities with their severity level to prioritize the alert that should be investigated first.

Which Azure service can help her in detecting the severity and creating alerts?

28. Daffod is an American cloud service provider that provides cloud-based services to customers worldwide.

Several customers are adopting the cloud services provided by Daffod because they are secure and cost-

effective. Daffod complies with the cloud computing law enacted in the US to realize the importance of information security in the economic and national security interests of the US. Based on the given information, which law order does Daffod adhere to?

29. Sam, a cloud admin, works for a technology company that uses Azure resources. Because Azure contains the resources of numerous organizations and several alerts are received timely, it is difficult for the technology company to identify risky resources, determine their owner, know whether they are needed, and know who pays for them.

How can Sam organize resources to determine this information immediately?

30. A new public web application is deployed on AWS that will run behind an Application Load Balancer (ALB). An AWS security expert needs to encrypt the newly deployed application at the edge with an SSL/TLS certificate issued by an external certificate authority. In addition, he needs to ensure the rotation of the certificate yearly before it expires.

Which of the following AWS services can be used to accomplish this?

31. Bruce McFee works as a cloud security engineer in an IT company. His organization uses AWS cloud-based services. Because Amazon CloudFront offers low-latency and high-speed data delivery through a user-friendly environment, Bruce's organization uses the CloudFront content delivery network (CDN) web service for the fast and secure distribution of data to various customers throughout the world.

How does CloudFront accelerate content distribution?

32. SecureSoft IT Pvt. Ltd. is an IT company located in Charlotte, North Carolina, that develops software for the healthcare industry. The organization generates a tremendous amount of unorganized data such as video and audio files. Kurt recently joined SecureSoft IT Pvt. Ltd. as a cloud security engineer. He manages the organizational data using NoSQL databases.

Based on the given information, which of the following data are being generated by Kurt's organization?

33. Coral IT Systems is a multinational company that consumes cloud services. As a cloud service consumer (CSC), the organization should perform activities such as selecting, monitoring, implementing, reporting, and securing the cloud services. The CSC and cloud service provider (CSP) have a business relationship in which the CSP delivers cloud services to the CSC.

Which cloud governance role is applicable to the organization?

34. AWS runs 35+ instances that are all CentOS machines. Updating these machines manually is a time-intensive task that may lead to missed updates for some instances and create vulnerabilities.

Which of the following can be used to prevent each port of each instance from being opened to access the machine and install updates?

35. Michael Keaton has been working as a cloud security specialist in a multinational company. His organization uses Google Cloud. Keaton has launched an application in nl-standard-1 (1 vCPU, 3.75 GB memory) instance.

Over the past three weeks, the instance has had low memory utilization.

Which of the following machine type switching is recommended for Keaton?

36. Global SciTech Pvt. Ltd. is an IT company that develops healthcare-related software. Using an incident detection system (IDS) and antivirus software, the incident response team of the organization has observed that attackers are targeting the organizational network to gain access to the resources in the on-premises environment. Therefore, their team of cloud security engineers met with a cloud service provider to discuss the various security provisions offered by the cloud service provider. While discussing the security of the organization's virtual machine in the cloud environment, the cloud service provider stated that the Network Security Groups (NSGs) will secure the VM by allowing or denying network traffic to VM instances in a virtual network based on inbound and outbound security rules.

Which of the following cloud service provider filters the VM network traffic in a virtual network using NSGs?

37. Global InfoSec Solution Pvt. Ltd. is an IT company that develops mobile-based software and applications. For smooth, secure, and cost-effective facilitation of business, the organization uses public cloud services. Now, Global InfoSec Solution Pvt. Ltd. is encountering a vendor lock-in issue.

What is vendor lock-in in cloud computing?

38. The GCP environment of a company named Magnitude IT Solutions encountered a security incident. To respond to the incident, the Google Data Incident Response Team was divided based on the different aspects of the incident.

Which member of the team has an authoritative knowledge of incidents and can be involved in different domains such as security, legal, product, and digital forensics?