Winter Sale- Special Discount Limited Time 65% Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

ECCouncil 312-40 EC-Council Certified Cloud Security Engineer (CCSE) Exam Practice Test

Page: 1 / 13
Total 125 questions

EC-Council Certified Cloud Security Engineer (CCSE) Questions and Answers

Question 1

On database system of a hospital maintains rarely-accessed patients' data such as medical records including high-resolution images of ultrasound reports, MRI scans, and X-Ray reports for years. These records occupy a lot of space and need to be kept safe as it contains sensitive medical data. Which of the following Azure storage services best suitable for such rarely-accessed data with flexible latency requirement?

Options:

A.

Azure Backup: Restore-as-a-Service

B.

Azure File Sync

C.

Azure Archive Storage

D.

Azure Recovery Services Vault

Question 2

Jordon Bridges works as a cloud security engineer in a multinational company. His organization uses Google cloud-based services (GC) because Google cloud provides robust security services, better pricing than competitors, improved performance, and redundant backup. Using IAM security configuration, Jordon implemented the principle of least privilege. A GC IAM member could be a Google account, service account, Google group, G Suite, or cloud identity domain with an identity to access Google cloud resources. Which of the following identities is used by GC IAM members to access Google cloud resources?

Options:

A.

For Google Account, Google group, and service account, the identity used is the domain name,

whereas in G Suite and cloud identity domain, the identity used is an email address.

B.

For Google Account, Google group, and service account, the identity used is an email address,

whereas in G Suite and cloud identity domain, the identity used is the domain name.

C.

For Google Account, Google group, and G suite, the identity used is the domain name, whereas in

service account and cloud identity domain, the identity used is an email address.

D.

For Google Account, Google group, and G suite, the identity used is an email address, whereas in

service account and cloud identity domain, the identity used is the domain name.

Question 3

An organization uses AWS for its operations. It is observed that the organization's EC2 instance is

communicating with a suspicious port. Forensic investigators need to understand the patterns of the current security breach. Which log source on the AWS platform can provide investigators with data of evidentiary value during their investigation?

Options:

A.

Amazon CloudTrail

B.

Amazon CloudWatch

C.

Amazon VPC flow logs

D.

S3 Server Access Logs

Question 4

TechnoSoft Pvt. Ltd. is a BPO company that provides 24 * 7 customer service. To secure the organizational data and applications from adversaries, the organization adopted cloud computing. The security team observed that the employees are browsing restricted and inappropriate web pages. Which of the following techniques will help the security team of TechnoSoft Pvt. Ltd. in preventing the employees from accessing restricted or inappropriate web pages?

Options:

A.

Data Loss Prevention (DLP)

B.

Cloud access security broker (CASB)

C.

Geo-Filtering

D.

URL filtering

Question 5

Colin Farrell works as a senior cloud security engineer in a healthcare company. His organization has migrated all workloads and data in a private cloud environment. An attacker used the cloud environment as a point to disrupt the business of Colin's organization. Using intrusion detection prevention systems, antivirus software, and log analyzers, Colin successfully detected the incident; however, a group of users were not able to avail the critical services provided by his organization. Based on the incident impact level classification scales, select the severity of the incident encountered by Colin's organization?

Options:

A.

High

B.

None

C.

Low

D.

Medium

Question 6

Kenneth Danziger has been working as a cloud security engineer in a multinational company. His organization uses AWS cloud-based services. Kenneth would like to review the changes in configuration and the relationships between AWS resources, examine the detailed resource configuration history, and determine the overall compliance of his organization against the configurations specified in internal guidelines. Which of the following AWS services enables Kenneth to assess, audit, and evaluate the configuration of AWS resources?

Options:

A.

AWS CloudTrail

B.

AWS CloudFormation

C.

AWS Config

D.

AWS Security Hub

Question 7

A web server passes the reservation information to an application server and then the application server queries an Airline service. Which of the following AWS service allows secure hosted queue server-side encryption (SSE), or uses custom SSE keys managed in AWS Key Management Service (AWS KMS)?

Options:

A.

Amazon Simple Workflow

B.

Amazon SQS

C.

Amazon SNS

D.

Amazon CloudSearch

Question 8

A cloud organization, AZS, wants to maintain homogeneity in its cloud operations because the CPU speed measured by AZS varies and the measurement units lack consistency in the standards. For example, AWS defines the CPU speed with Elastic Compute Unit, Google with Google Compute Engine Unit, and Microsoft with clock speed. Here, which cloud computing standard can leverage frameworks and architectures specific to the cloud for maintaining homogeneity in operations?

Options:

A.

occ

B.

DMTF

C.

NIST

D.

CSA

Question 9

Sandra, who works for SecAppSol Technologies, is on a vacation. Her boss asked her to solve an urgent issue in an application. Sandra had to use applications present on her office laptop to solve this issue, and she successfully rectified it. Despite being in a different location, she could securely use the application. What type of service did the organization use to ensure that Sandra could access her office laptop from a remote area?

Options:

A.

Amazon AppStream 2.0

B.

Amazon Elastic Transcoder Service

C.

Amazon SQS

D.

Amazon Simple Workflow

Question 10

Veronica Lauren has an experience of 4 years as a cloud security engineer. Recently, she joined an IT company as a senior cloud security engineer. In 2010, her organization became a victim of a cybersecurity attack in which the attacker breached her organization's cloud security perimeter and stole sensitive information. Since then, her organization started using Google cloud-based services and migrated the organizational workload and data in the Google cloud environment. Veronica would like to detect security breaches in her organization's cloud security perimeter. Which of the following built-in service of Google Security Command Center can help Veronica in monitoring her organization's cloud logging stream and collect logs from one or multiple projects to detect security breaches such as the presence of malware, brute force SSH attempts, and cryptomining?

Options:

A.

Event Threat Detection

B.

Web Security Scanner

C.

Container Threat Detection

D.

Security Health Analytics

Question 11

Christina Hendricks recently joined an MNC as a cloud security engineer. Owing to robust provisions for storing an enormous quantity of data, security features, and cost-effective services offered by AWS, her organization migrated its applications and data from an on-premises environment to the AWS cloud. Christina's organization generates structured, unstructured, and semi-structured data. Christina's team leader asked her to store block-level data in AWS storage services. Which of the following AWS storage services should be used by Christina to store block-level data?

Options:

A.

Amazon EBS

B.

Amazon Glacier

C.

Amazon EFS

D.

Amazon S3

Question 12

Rachel McAdams works as a cloud security engineer in an MNC. A DRaaS company has provided a disasterrecovery site to her organization. The disaster recovery sites have partially redundant equipment with daily or weekly data synchronization provision; failover occurs within hours or days with minimum data loss. Based on this information, which of the following disaster recovery sites is provided by the DRaaS company to Rachel's organization?

Options:

A.

Warm Site

B.

Cold Site

C.

Remote site

D.

Hot Site

Question 13

Georgia Lyman works as a cloud security engineer in a multinational company. Her organization uses cloud-based services. Its virtualized networks and associated virtualized resources encountered certain capacity limitations that affected the data transfer performance and virtual server communication. How can Georgia eliminate the data transfer capacity thresholds imposed on a virtual server by its virtualized environment?

Options:

A.

By allowing the virtual appliance to bypass the hypervisor and access the I/O card of the physical server directly

B.

By restricting the virtual appliance to bypass the hypervisor and access the I/O card of the physical server directly

C.

By restricting the virtual server to bypass the hypervisor and access the I/O card of the physical server directly

D.

By allowing the virtual server to bypass the hypervisor and access the I/O card of the physical server directly

Question 14

Chris Evans has been working as a cloud security engineer in a multinational company over the past 3 years. His organization has been using cloud-based services. Chris uses key vault as a key management solution because it offers easier creation of encryption keys and control over them. Which of the following public cloud service providers allows Chris to do so?

Options:

A.

AWS

B.

Azure

C.

GCP

D.

Oracle

Question 15

William O'Neil works as a cloud security engineer in an IT company located in Tampa, Florida. To create an access key with normal user accounts, he would like to test whether it is possible to escalate privileges to obtain AWS administrator account access. Which of the following commands should William try to create a new user access key ID and secret key for a user?

Options:

A.

aws iam target_user -user-name create-access-key

B.

aws iam create-access-key -user-name target_user

C.

aws iam create-access-key target_user -user-name

D.

aws iam -user-name target_user create-access-key

Question 16

VoxCloPro is a cloud service provider based in South America that offers all types of cloud-based services to cloud consumers. The cloud-based services provided by VoxCloPro are secure and cost-effective. Terra Soft.

Pvt. Ltd. is an IT company that adopted the cloud-based services of VoxCloPro and transferred the data and applications owned by the organization from on-premises to the VoxCloPro cloud environment. According to the data protection laws of Central and South American countries, who among the following is responsible for ensuring the security and privacy of personal data?

Options:

A.

Cloud Carrier

B.

Cloud Broker

C.

Terra Soft. Pvt. Ltd

D.

VoxCloPro

Question 17

QuickServ Solutions is an organization that wants to migrate to the cloud. It is in the phase of signing an agreement with a cloud vendor. For that, QuickServ Solutions must assess the current vendor procurement process to determine how the company can mitigate cloud-related risks. How can the company accomplish that?

Options:

A.

Using Cloud Computing Contracts

B.

Using Gap Analysis

C.

Using Vendor Transitioning

D.

Using Internal Audit

Question 18

In a tech organization's cloud environment, an adversary can rent thousands of VM instances for launching a DDoS attack. The criminal can also keep secret documents such as terrorist and illegal money transfer docs in the cloud storage. In such a situation, when a forensic investigation is initiated, it involves several stakeholders (government members, industry partners, third-parties, and law enforcement). In this scenario, who acts as the first responder for the security issue on the cloud?

Options:

A.

Incident Handlers

B.

External Assistance

C.

Investigators

D.

IT Professionals

Question 19

Global CloudEnv is a cloud service provider that provides various cloud-based services to cloud consumers. The cloud service provider adheres to the framework that can be used as a tool to systematically assess cloud implementation by providing guidance on the security controls that should be implemented by specific actors within the cloud supply chain. It is used as the standard to assess the security posture of organizations on the Security, Trust, Assurance, and Risk (STAR) registry. Based on the given information, which of the following cybersecurity control frameworks does Global CloudEnv adhere to?

Options:

A.

CDMI

B.

CSA CCM

C.

CSA CAIQ

D.

ITU-T X.1601

Question 20

The e-commerce platform www.evoucher.com observes overspending 15% to 30% due to unawareness of the mistakes in threat detection and security governance while using the services of its cloud provider AWS. It feels it requires a well-thought-out roadmap to improve its cloud journey. How can the company accelerate its cloud journey with desired outcomes and business value?

Options:

A.

By following AWS CAF

B.

By following AWS SMPM

C.

By following AWS IAM

D.

By following Amazon ELB

Question 21

InternSoft Solution Pvt. Ltd. is an IT company located in Boston, Massachusetts. The IT and InfoSec teams of the organization uses CASP to customize access rules and automate compliance policies. Using CASP solutions, they could access the account activities in the cloud, which makes it easy for them to achieve compliance, data security, and threat protection. What is CASP?

Options:

A.

It is a CASB that uses APIs

B.

It is a WAF that uses proxies

C.

It is a CASB that uses proxies

D.

It is a RASP that uses APIs

Question 22

SecureSoftWorld Pvt. Ltd. is an IT company that develops software solutions catering to the needs of the healthcare industry. Most of its services are hosted in Google cloud. In the cloud environment, to secure the applications and services, the organization uses Google App Engine Firewall that controls the access to the App Engine with a set of rules that denies or allows requests from a specified range of IPs. How many unique firewall rules can SecureSoftWorld Pvt. Ltd define using App Engine Firewall?

Options:

A.

Up to 10000

B.

Up to 1000

C.

Up to 10

D.

Up to 100

Question 23

Shannon Elizabeth works as a cloud security engineer in VicPro Soft Pvt. Ltd. Microsoft Azure provides all cloud-based services to her organization. Shannon created a resource group (ProdRes), and then created a virtual machine (myprodvm) in the resource group. On myprodvm virtual machine, she enabled JIT from the Azure Security Center dashboard. What will happen when Shannon enables JIT VM access?

Options:

A.

It locks down the inbound traffic from myprodvm by creating a rule in the network security group

B.

It locks down the inbound traffic to myprodvm by creating a rule in the Azure firewall

C.

It locks down the outbound traffic from myprodvm by creating a rule in the network security group

D.

It locks down the outbound traffic to myprodvm by creating a rule in the Azure firewall

Question 24

Luke Grimes has recently joined a multinational company as a cloud security engineer. The company has been using the AWS cloud. He would like to reduce the risk of man-in-the-middle attacks in all Redshift clusters.

Which of the following parameters should Grimes enable to reduce the risk of man-in-the-middle attacks in all Redshift clusters?

Options:

A.

wlm_ssl

B.

enable_user_ssl

C.

require_ssl

D.

fips_ssl

Question 25

Rick Warren has been working as a cloud security engineer in an IT company for the past 4 years. Owing to the robust security features and various cost-effective services offered by AWS, in 2010, his organization migrated to the AWS cloud environment. While inspecting the intrusion detection system, Rick detected a security incident. Which of the following AWS services collects logs from various data sources and stores them on a centralized location as logs files that can be used during forensic investigation in the event of a security incident?

Options:

A.

Amazon CloudWatch

B.

AWS CloudFormation

C.

Amazon CloudFront

D.

Amazon CloudTrail

Question 26

YourTrustedCloud is a cloud service provider that provides cloud-based services to several multinational companies. The organization adheres to various frameworks and standards. YourTrustedCloud stores and processes credit card and payment-related data in the cloud environment and ensures the security of transactions and the credit card processing system. Based on the given information, which of the following standards does YourTrustedCloud adhere to?

Options:

A.

CLOUD

B.

FERPA

C.

GLBA

D.

PCI DSS

Question 27

A mid-sized company uses Azure as its primary cloud provider for its infrastructure. Its cloud security analysts are responsible for monitoring security events across multiple Azure resources (subscriptions, VMs, Storage, and SQL databases) and getting threat intelligence and intelligent security analytics throughout their organization. Which Azure service would the security analysts use to achieve their goal of having a centralized view of all the security events and alerts?

Options:

A.

Azure RBAC

B.

Azure Monitor

C.

Azure Sentinel

D.

Azure CDN

Question 28

A large e-commerce company named ShopZone uses GCP to host its online store. Recently, the company noticed several errors reported by customers while trying to make purchases on their website. They suspect that there may be some issue with the payment processing system. To investigate this issue, the cloud forensic team of the company decided to look at the logs for the payment processing system and identify anomalies that may be causing the problem. Which of the following GCP log categories helps the team gain the relevant information?

Options:

A.

Component Logs

B.

User-written logs

C.

Platform logs

D.

Security logs

Question 29

Daffod is an American cloud service provider that provides cloud-based services to customers worldwide. Several customers are adopting the cloud services provided by Daffod because they are secure and cost-effective. Daffod is compliant with the cloud computing law that protects the student information collected by educational institutions and their associated vendors. Based on the information given, which law does Daffod adhere to?

Options:

A.

ECPA

B.

FERPA

C.

CLOUD

D.

FISMA

Question 30

Shell Solutions Pvt. Ltd. is an IT company that develops software products and services for BPO companies. The organization became a victim of a cybersecurity attack. Therefore, it migrated its applications and workloads from on-premises to a cloud environment. Immediately, the organization established an incident response team to prevent such incidents in the future. Using intrusion detection system and antimalware software, the incident response team detected a security incident and mitigated the attack. The team recovered the resources from the incident and identified various vulnerabilities and flaws in their cloud environment. Which step of the incident response lifecycle includes the lessons learned from previous attacks and analyzes and

documents the incident to understand what should be improved?

Options:

A.

Analysis

B.

Post-mortem

C.

Coordination and Information Sharing

D.

Preparation

Question 31

Karen Gillan has recently joined an IT company as a cloud security engineer. Her organization would like to adopt cloud-based services to provide 24 x 7 customer support to its clients. It wants to transfer its customer database and transaction details along with the applications used for managing and supporting its customers.

Before migrating to cloud, which of the following analyses should be performed by Karen on the security capabilities and services provided by cloud service providers to understand the security requirements of the organization and those provided by the cloud service provider?

Options:

A.

Gap Analysis

B.

Domain Analysis

C.

Business Impact Analysis

D.

Artificial Intelligence Analysis

Question 32

A BPO company would like to expand its business and provide 24 x 7 customer service. Therefore, the organization wants to migrate to a fully functional cloud environment that provides all features with minimum maintenance and administration. Which cloud service model should it consider?

Options:

A.

laaS

B.

PaaS

C.

RaaS

D.

SaaS

Question 33

Richard Roxburgh works as a cloud security engineer in an IT company. His organization was dissatisfied with the services of its previous cloud service provider. Therefore, in January 2020, his organization adopted AWS cloud-based services and shifted all workloads and data in the AWS cloud. Richard wants to provide complete security to the hosted applications before deployment and while running in the AWS ecosystem. Which of the following automated security assessment services provided by AWS can be used by Richard to improve application security and check the application for any type of vulnerability or deviation from the best practices automatically?

Options:

A.

AWS CloudFormation

B.

Amazon Inspector

C.

AWS Control Tower

D.

Amazon CloudFront

Question 34

TetraSoft Pvt. Ltd. is an IT company that provides software and application services to numerous customers across the globe. In 2015, the organization migrated its applications and data from on-premises to the AWS cloud environment. The cloud security team of TetraSoft Pvt. Ltd. suspected that the EC2 instance that launched the core application of the organization is compromised. Given below are randomly arranged steps

involved in the forensic acquisition of an EC2 instance. In this scenario, when should the investigators ensure that a forensic instance is in the terminated state?

Options:

A.

After creating evidence volume from the snapshot

B.

Before taking a snapshot of the EC2 instance

C.

Before attaching evidence volume to the forensic instance

D.

After attaching evidence volume to the forensic instance

Question 35

Trevor Noah works as a cloud security engineer in an IT company located in Seattle, Washington. Trevor has implemented a disaster recovery approach that runs a scaled-down version of a fully functional environment in the cloud. This method is most suitable for his organization's core business-critical functions and solutions that require the RTO and RPO to be within minutes. Based on the given information, which of the following disaster recovery approach is implemented by Trevor?

Options:

A.

Backup and Restore

B.

Multi-Cloud Option

C.

Pilot Light approach

D.

Warm Standby

Question 36

Georgia Lyman is a cloud security engineer; she wants to detect unusual activities in her organizational Azure account. For this, she wants to create alerts for unauthorized activities with their severity level to prioritize the alert that should be investigated first. Which Azure service can help her in detecting the severity and creating alerts?

Options:

A.

Windows Defender

B.

Cloud Operations Suite

C.

Microsoft Defender for Cloud

D.

Cloud DLP

Question 37

GlobalCloud is a cloud service provider that offers various cloud-based secure and cost-effective services to cloud consumers. The customer base of this organization increased within a short period; thus, external auditing was performed on GlobalCloud. The auditor used spreadsheets, databases, and data analyzing software to analyze a large volume of data. Based on the given information, which cloud-based audit method was used by the auditor to collect the objective evidence?

Options:

A.

Gap Analysis

B.

CAAT

C.

Striping

D.

Re-Performance

Page: 1 / 13
Total 125 questions