312-40V2Preview

The TCK Bank adopts cloud for storing the private data of its customers. The bank usually explains its information sharing practices to its customers and safeguards sensitive data. However, there exist some security loopholes in its information sharing practices. Therefore, hackers could steal the critical data of the bank’s customers. In this situation, under which cloud compliance framework will the bank be penalized?

Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider. Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom’s organization?

An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack. Subsequently, the incident response team made the website and database server offline. In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?

Global CloudEnv is a cloud service provider that provides various cloud-based services to cloud consumers. The cloud service provider adheres to the framework that can be used as a tool to systematically assess cloud implementation by providing guidance on the security controls that should be implemented by specific actors within the cloud supply chain. It is used as the standard to assess the security posture of organizations on the Security, Trust, Assurance, and Risk (STAR) registry. Based on the given information, which of the following cybersecurity control frameworks does Global CloudEnv adhere to?

Global SoftTechSol is a multinational company that provides customized software solutions and services to various clients located in different countries. It uses a public cloud to host its applications and services. Global SoftTechSol uses Cloud Debugger to inspect the current state of a running application in real-time, find bugs, and understand the behavior of the code in production. Identify the service provider that provides the Cloud Debugger feature to Global SoftTechSol?

Samuel Jackson has been working as a cloud security engineer for the past 12 years in VolkSec Pvt. Ltd., whose applications are hosted in a private cloud. Owing to the increased number of users for its services, the organizations is finding it difficult to manage the on-premises data center. To overcome scalability and data storage issues, Samuel advised the management of his organization to migrate to a public cloud and shift the applications and data. Once the suggestion to migrate to public cloud was accepted by the management, Samuel was asked to select a cloud service provider. After extensive research on the available public cloud service providers, Samuel made his recommendation. Within a short period, Samuel along with his team successfully transferred all applications and data to the public cloud. Samuel’s team would like to configure and maintain the platform, infrastructure, and applications in the new cloud computing environment. Which component of a cloud platform and infrastructure provides tools and interfaces to Samuel’s team for configuring and maintaining the platform, infrastructure, and application?

Global InfoSec Solution Pvt. Ltd. is an IT company that develops mobile-based software and applications. For smooth, secure, and cost-effective facilitation of business, the organization uses public cloud services. Now, Global InfoSec Solution Pvt. Ltd. is encountering a vendor lock-in issue. What is vendor lock-in in cloud computing?

Richard Roxburgh works as a cloud security engineer in an IT company. His organization was dissatisfied with the services of its previous cloud service provider. Therefore, in January 2020, his organization adopted AWS cloud-based services and shifted all workloads and data in the AWS cloud. Richard wants to provide complete security to the hosted applications before deployment and while running in the AWS ecosystem. Which of the following automated security assessment services provided by AWS can be used by Richard to improve application security and check the application for any type of vulnerability or deviation from the best practices automatically?

GlobalCloud is a cloud service provider that offers various cloud-based secure and cost-effective services to cloud consumers. The customer base of this organization increased within a short period; thus, external auditing was performed on GlobalCloud. The auditor used spreadsheets, databases, and data analyzing software to analyze a large volume of data. Based on the given information, which cloud-based audit method was used by the auditor to collect the objective evidence?

Rebecca Mader has been working as a cloud security engineer in an IT company located in Detroit, Michigan. Her organization uses AWS cloud-based services. An application is launched by a developer on an EC2 instance that needs access to the S3 bucket (photos). Rebecca created a get-pics service role and attached it to the EC2 instance. This service role comprises a permission policy that allows read-only access to the S3 bucket and a trust policy that allows the instance to assume the role and retrieve temporary credentials. The application uses the temporary credentials of the role to access the photo bucket when it runs on the instance. Does the developer need to share or manage credentials or does the admin need to grant permission to the developer to access the photo bucket?

Cindy Williams works as a cloud security engineer in an IT company located in Seattle, Washington. Owing to the cost-effective security, governance, and storage features provided by AWS, her organization adopted AWS cloud-based services. Cindy would like to detect any unusual activity in her organization’s AWS account. She would like to obtain the event history of her organization’s AWS account activity for security analysis and resource change tracking. Which of the following AWS service enables operational auditing, compliance, governance, and risk auditing for her organization’s AWS account?

Katie Holmes has been working as a cloud security engineer over the past 7 years in an MNC. Since the outbreak of the COVID-19 pandemic, the cloud service provider could not provide cloud services efficiently to her organization. Therefore, Katie suggested to the management that they should design and build their own data center. Katie’s requisition was approved, and after 8 months, Katie’s team successfully designed and built an on-premises data center. The data center meets all organizational requirements; however, the capacity components are not redundant. If a component is removed, the data center comes to a halt. Which tier data center was designed and constructed by Katie’s team?

Daffod is an American cloud service provider that provides cloud-based services to customers worldwide. Several customers are adopting the cloud services provided by Daffod because they are secure and cost- effective. Daffod complies with the cloud computing law enacted in the US to realize the importance of information security in the economic and national security interests of the US. Based on the given information, which law order does Daffod adhere to?

Falcon Computers is an IT company that runs its IT infrastructure on the cloud. The organization must implement cloud governance in its corporate cloud environment to align its business vision with the cloud vision. Which of the following cloud governance components can help the organization to align the cloud vision and business vision?

The GCP environment of a company named Magnitude IT Solutions encountered a security incident. To respond to the incident, the Google Data Incident Response Team was divided based on the different aspects of the incident. Which member of the team has an authoritative knowledge of incidents and can be involved in different domains such as security, legal, product, and digital forensics?

A security incident has occurred within an organization’s AWS environment. A cloud forensic investigation procedure is initiated for the acquisition of forensic evidence from the compromised EC2 instances. However, it is essential to abide by the data privacy laws while provisioning any forensic instance and sending it for analysis. What can the organization do initially to avoid the legal implications of moving data between two AWS regions for analysis?

Martin Sheen is a senior cloud security engineer in SecGlob Cloud Pvt. Ltd. Since 2012, his organization has been using AWS cloud-based services. Using an intrusion detection system and antivirus software, Martin noticed that an attacker is trying to breach the security of his organization. Therefore, Martin would like to identify and protect the sensitive data of his organization. He requires a fully managed data security service that supports S3 storage and provides an inventory of publicly shared buckets, unencrypted buckets, and the buckets shared with AWS accounts outside his organization. Which of the following Amazon services fulfills Martin’s requirement?

Melissa George is a cloud security engineer in an IT company. Her organization has adopted cloud-based services. The integration of cloud services has become significantly complicated to be managed by her organization. Therefore, her organization requires a third-party to consult, mediate, and facilitate the selection of a solution. Which of the following NIST cloud deployment reference architecture actors manage cloud service usage, performance, and delivery, and maintains the relationship between the CSPs and cloud consumers?

Teresa Ruiz works as a cloud security engineer in an IT company. In January 2021, the data deployed by her in the cloud environment was corrupted, which caused a tremendous loss to her organization. Therefore, her organization changed its cloud service provider. After deploying the workload and data in the new service provider’s cloud environment, Teresa backed up the entire data of her organization. A new employee, Barbara Houston, who recently joined Teresa’s organization as a cloud security engineer, only backed up those files that changed since the last executed backup. Which type of backup was performed by Barbara in the cloud?

Sandra Oliver has been working as a cloud security engineer in an MNC. Her organization adopted the Microsoft Azure cloud environment owing to its on-demand scalability, robust security, and high availability features. Sandra’s team leader assigned her the task to increase the availability of organizational applications; therefore, Sandra is looking for a solution that can be utilized for distributing the traffic to backend Azure virtual machines based on the attributes of the HTTP request received from clients. Which of the following Azure services fulfills Sarah’s requirements?

Jayson Smith works as a cloud security engineer in CloudWorld SecCo Pvt. Ltd. This is a third-party vendor that provides connectivity and transport services between cloud service providers and cloud consumers. Select the actor that describes CloudWorld SecCo Pvt. Ltd. based on the NIST cloud deployment reference architecture?

Ray Nicholson works as a senior cloud security engineer in TerraCloud Sec Pvt. Ltd. His organization deployed all applications in a cloud environment in various virtual machines. Using IDS, Ray identified that an attacker compromised a particular VM. He would like to limit the scope of the incident and protect other resources in the cloud. If Ray turns off the VM, what will happen?

VoxCloPro is a cloud service provider based in South America that offers all types of cloud-based services to cloud consumers. The cloud-based services provided by VoxCloPro are secure and cost-effective. Terra Soft. Pvt. Ltd. is an IT company that adopted the cloud-based services of VoxCloPro and transferred the data and applications owned by the organization from on-premises to the VoxCloPro cloud environment. According to the data protection laws of Central and South American countries, who among the following is responsible for ensuring the security and privacy of personal data?

Veronica Lauren has an experience of 4 years as a cloud security engineer. Recently, she joined an IT company as a senior cloud security engineer. In 2010, her organization became a victim of a cybersecurity attack in which the attacker breached her organization’s cloud security perimeter and stole sensitive information. Since then, her organization started using Google cloud-based services and migrated the organizational workload and data in the Google cloud environment. Veronica would like to detect security breaches in her organization’s cloud security perimeter. Which of the following built-in service of Google Security Command Center can help Veronica in monitoring her organization’s cloud logging stream and collect logs from one or multiple projects to detect security breaches such as the presence of malware, brute force SSH attempts, and cryptomining?