312-40Preview

SecureSoft Solutions Pvt. Ltd. is an IT company that develops mobile-based applications. Owing to the secure and cost-effective cloud-based services provided by Google, the organization migrated its applications and data from on-premises environment to Google cloud. Sienna Miller, a cloud security engineer, selected the Coldline Storage class for storing data in the Google cloud storage bucket. What is the minimum storage duration for Coldline Storage?

James Harden works as a cloud security engineer in an IT company. James’ organization has adopted a RaaS architectural model in which the production application is placed in the cloud and the recovery or backup target is kept in the private data center. Based on the given information, which RaaS architectural model is implemented in James’ organization?

Richard Harris works as a senior cloud security engineer in a multinational company. His organization uses Microsoft Azure cloud-based services. Richard would like to manage, control, and monitor the access to important resources in his organization. Which service in Azure AD can enable Richard to manage, control, and monitor the access to resources in Azure, Azure AD, and other Microsoft online services such as Microsoft Intune or Microsoft 365?

A security incident has occurred within an organization’s AWS environment. A cloud forensic investigation procedure is initiated for the acquisition of forensic evidence from the compromised EC2 instances. However, it is essential to abide by the data privacy laws while provisioning any forensic instance and sending it for analysis. What can the organization do initially to avoid the legal implications of moving data between two AWS regions for analysis?

Ray Nicholson works as a senior cloud security engineer in TerraCloud Sec Pvt. Ltd. His organization deployed all applications in a cloud environment in various virtual machines. Using IDS, Ray identified that an attacker compromised a particular VM. He would like to limit the scope of the incident and protect other resources in the cloud. If Ray turns off the VM, what will happen?

An IT company uses two resource groups, named Production-group and Security-group, under the same subscription ID. Under the Production-group, a VM called Ubuntul8 is suspected to be compromised. As a forensic investigator, you need to take a snapshot (ubuntudisksnap) of the OS disk of the suspect virtual machine Ubuntu18 for further investigation and copy the snapshot to a storage account under Security-group. Identify the next step in the investigation of the security incident in Azure?

Thomas Gibson is a cloud security engineer working in a multinational company. Thomas has created a Route 53 record set from his domain to a system in Florida, and a similar record to machines in Paris and Singapore. Assume that network conditions remain unchanged and Thomas has hosted the application on Amazon EC2 instance; moreover, multiple instances of the application are deployed on different EC2 regions. When a user located in London visits Thomas’s domain, to which location does Amazon Route 53 route the user request?

CyTech Private Ltd. is an IT company located in Jacksonville, Florida. The organization would like to eliminate a single point of failure; therefore, in 2017, the organization adopted a cloud computing service model in which the cloud service provider completely handles the failover. CyTech Private Ltd. added automated failover capabilities to its cloud environment and it has been testing the functionality to ensure that it is working efficiently. In which of the following cloud computing service models, failover is completely handled by the cloud service provider?

An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory. In this scenario, which standard is applicable for cloud security auditing that enables the management of customer data?

Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider. Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom’s organization?

Jerry Mulligan is employed by an IT company as a cloud security engineer. In 2014, his organization migrated all applications and data from on-premises to a cloud environment. Jerry would like to perform penetration testing to evaluate the security across virtual machines, installed apps, and OSes in the cloud environment, including conducting various security assessment steps against risks specific to the cloud that could expose them to serious threats. Which of the following cloud computing service models does not allow cloud penetration testing (CPEN) to Jerry?

In a tech organization’s cloud environment, an adversary can rent thousands of VM instances for launching a DDoS attack. The criminal can also keep secret documents such as terrorist and illegal money transfer docs in the cloud storage. In such a situation, when a forensic investigation is initiated, it involves several stakeholders (government members, industry partners, third-parties, and law enforcement). In this scenario, who acts as the first responder for the security issue on the cloud?

Teresa Palmer has been working as a cloud security engineer in a multinational company. Her organization contains a huge amount of data; if these data are transferred to AWS S3 through the internet, it will take weeks. Teresa’s organization does not want to spend money on upgrading its internet to a high-speed internet connection. Therefore, Teresa has been sending large amounts of backup data (terabytes to petabytes) to AWS from on-premises using a physical device, which was provided by Amazon. The data in the physical device are imported and exported from and to AWS S3 buckets. This method of data transfer is cost-effective, secure, and faster than the internet for her organization. Based on the given information, which of the following AWS services is being used by Teresa?

TetraSoft Pvt. Ltd. is an IT company that provides software and application services to numerous customers across the globe. In 2015, the organization migrated its applications and data from on-premises to the AWS cloud environment. The cloud security team of TetraSoft Pvt. Ltd. suspected that the EC2 instance that launched the core application of the organization is compromised. Given below are randomly arranged steps involved in the forensic acquisition of an EC2 instance. In this scenario, when should the investigators ensure that a forensic instance is in the terminated state?

Thomas Gibson is a cloud security engineer who works in a multinational company. His organization wants to host critical elements of its applications; thus, if disaster strikes, applications can be restored quickly and completely. Moreover, his organization wants to achieve lower RTO and RPO values. Which of the following disaster recovery approach should be adopted by Thomas’ organization?

Scott Herman works as a cloud security engineer in an IT company located in Ann Arbor, Michigan. His organization uses Office 365 Business Premium that provides Microsoft Teams, secure cloud storage, business email, premium Office applications across devices, advanced cyber threat protection, and device management. Which of the following cloud computing service models does Microsoft Office 365 represent?

Chris Noth has recently joined CloudAppSec Private Ltd. as a cloud security engineer. Owing to several instances of malicious activities performed by former employees on his organization’s applications and data that reside in an on-premises environment, in 2010, his organization adopted cloud computing and migrated all applications and data to the cloud. Chris would like to manage user identities in cloud-based services and applications. Moreover, he wants to reduce the risk caused by the accounts of former users (employees) by ensuring that the users who leave the system can no longer log in to the system. Therefore, he has enforced an IAM standard that can automate the provisioning and de-provisioning of users when they enter and leave the system. Which of the following IAM standards is implemented by Chris Noth?

Sam, a cloud admin, works for a technology company that uses Azure resources. Because Azure contains the resources of numerous organizations and several alerts are received timely, it is difficult for the technology company to identify risky resources, determine their owner, know whether they are needed, and know who pays for them. How can Sam organize resources to determine this information immediately?

Coral IT Systems is a multinational company that consumes cloud services. As a cloud service consumer (CSC), the organization should perform activities such as selecting, monitoring, implementing, reporting, and securing the cloud services. The CSC and cloud service provider (CSP) have a business relationship in which the CSP delivers cloud services to the CSC. Which cloud governance role is applicable to the organization?

Elaine Grey has been working as a senior cloud security engineer in an IT company that develops software and applications related to the financial sector. Her organization would like to extend its storage capacity and automate disaster recovery workflows using a VMware private cloud. Which of the following storage options can be used by Elaine in the VMware virtualization environment to connect a VM directly to a LUN and access it from SAN?

TechGloWorld is an IT company that develops cybersecurity software and applications for various customers across the globe. Owing to the cost-effective security and storage services provided by AWS, TechGloWorld has adopted AWS cloud-based services. A new employee, named Tom Harrison, has joined TechGloWorld as a cloud security engineer. The team leader of cloud security engineers would like to add an IAM user named Tom to the IAM group named Admins. Which of the following commands should be used by the TechGloWorld security team leader?

Dave Allen works as a cloud security engineer in an IT company located in Baltimore, Maryland. His organization uses cloud-based services; it also uses the Network Watcher regional service to monitor and diagnose problems at the network level. It contains network diagnostic and visualization tools that help in understanding, diagnosing, and obtaining visibility into the network in a cloud environment. This service helped Dave in detecting network vulnerabilities, monitoring network performance, and ensuring secure cloud operations. Which of the following cloud service providers offers the Network Watcher service?

Trevor Holmes works as a cloud security engineer in a multinational company. Approximately 7 years ago, his organization migrated its workload and data to the AWS cloud environment. Trevor would like to monitor malicious activities in the cloud environment and protect his organization’s AWS account, data, and workloads from unauthorized access. Which of the following Amazon detection services uses anomaly detection, machine learning, and integrated threat intelligence to identify and classify threats and provide actionable insights that include the affected resources, attacker IP address, and geolocation?

TechnoSoft Pvt. Ltd. is a BPO company that provides 24 × 7 customer service. To secure the organizational data and applications from adversaries, the organization adopted cloud computing. The security team observed that the employees are browsing restricted and inappropriate web pages. Which of the following techniques will help the security team of TechnoSoft Pvt. Ltd. in preventing the employees from accessing restricted or inappropriate web pages?