Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 312-40 - EC-Council Certified Cloud Security Engineer (CCSE)

Page: 3 / 5
Total 147 questions

Aidan McGraw is a cloud security engineer in a multinational company. In 2018, his organization deployed its workloads and data in a cloud environment. Aidan was given the responsibility of securing high-valued information that needs to be shared outside the organization from unauthorized intruders and hackers. He would like to protect sensitive information about his organization, which will be shared outside the organization, from attackers by encrypting the data and including user permissions inside the file containing this information. Which technology satisfies Aidan's requirements?

A.

Information Rights Management

B.

Identity and Access Management

C.

System for Cross-Domain Identity Management

D.

Privileged User Management

An AWS customer was targeted with a series of HTTPS DDoS attacks, believed to be the largest layer 7 DDoS reported to date. Starting around 10 AM ET on March 1, 2023, more than 15,500 requests per second (rps) began targeting the AWS customer's load balancer. After 10 min, the number of requests increased to 2,50,000 rps.

This attack resembled receiving the entire daily traffic in only 10s. An AWS service was used to sense and mitigate this DDoS attack as well as prevent bad bots and application vulnerabilities. Identify which of the following AWS services can accomplish this.

A.

AWS Amazon Direct Connect

B.

Amazon CloudFront

C.

AWS Shield Standard

D.

AWS EBS

SecAppSol Pvt. Ltd. is a cloud software and application development company located in Louisville, Kentucky. The security features provided by its previous cloud service provider was not satisfactory, and in 2012, the organization became a victim of eavesdropping. Therefore, SecAppSol Pvt. Ltd. changed its cloud service provider and adopted AWS cloud-based services owing to its robust and cost-effective security features. How does SecAppSol Pvt. Ltd.'s security team encrypt the traffic between the load balancer and client that initiate

SSL or TLS sessions?

A.

By enabling Amazon GuardDuty

B.

By enabling HTTPS listener

C.

By enabling Cloud Identity Aware Proxy

D.

By enabling RADIUS Authentication

Alex Hales works as a cloud security specialist in an IT company. He wants to make his organization's business faster and more efficient by implementing Security Assertion Mark-up Language (SAML) that will enable employees to securely access multiple cations with a single set of credentials. What is SAML?

A.

It is a YAML-based authentication and authorization standard

B.

It is an HTML based authentication and authorization standard

C.

It is a XML based authentication and authorization standard

D.

It is a JSON based authentication and authorization standard

InternSoft Solution Pvt. Ltd. is an IT company located in Boston, Massachusetts. The IT and InfoSec teams of the organization uses CASP to customize access rules and automate compliance policies. Using CASP solutions, they could access the account activities in the cloud, which makes it easy for them to achieve compliance, data security, and threat protection. What is CASP?

A.

It is a CASB that uses APIs

B.

It is a WAF that uses proxies

C.

It is a CASB that uses proxies

D.

It is a RASP that uses APIs

TeratInfo Pvt. Ltd. is an IT company that develops software products and applications for financial

organizations. Owing to the cost-effective storage features and robust services provided by cloud computing, TeratInfo Pvt. Ltd. adopted cloud-based services. Recently, its security team observed a dip in the organizational system performance. Susan, a cloud security engineer, reviewed the list of publicly accessible resources, security groups, routing tables, ACLs, subnets, and IAM policies. What is this process called?

A.

Checking audit and evidence-gathering features in the cloud service

B.

Checking for the right implementation of security management

C.

Testing for virtualization management security

D.

Performing cloud reconnaissance

Kelsey Lewis has been working as a cloud security engineer in a BPO company that provides 24-7 customer service. Owing to the cost-effective storage and security features provided by cloud computing, her organization adopted the cloud environment 4 years ago. Kelsey implemented the TLS protocol to provide security to e-mail communications, voice over IP (VoIP) communication, web traffic, messaging clients, file transfers, and internet services [Domain Name Service (DNS) and Network Time Protocol (NTP)). Which certificate is used by TLS for communication authentication and encryption between hosts?

A.

X.507 certificates issued by the Certificate Authority

B.

X.508 certificates issued by the Certificate Authority

C.

X.506 certificate issued by the Certificate Authority

D.

X.509 certificates issued by the Certificate Authority

Colin Farrell works as a senior cloud security engineer in a healthcare company. His organization has migrated all workloads and data in a private cloud environment. An attacker used the cloud environment as a point to disrupt the business of Colin's organization. Using intrusion detection prevention systems, antivirus software, and log analyzers, Colin successfully detected the incident; however, a group of users were not able to avail the critical services provided by his organization. Based on the incident impact level classification scales, select the severity of the incident encountered by Colin's organization?

A.

High

B.

None

C.

Low

D.

Medium

Lexie Roth works as a cloud security engineer in an IT company located in Boston, Massachusetts. Her organization generates a huge amount of data. To increase the storage size, speed, and fault tolerance, Lexie would like to configure and create a RAID. Therefore, she created a RAID on windows Server 2016, which includes block level striping with a distributed parity. The parity information is distributed among all drives. except one. The data chunks in the RAID are larger than the regular I/O size, but they can be re-sized. To prevent data loss after a drive fails, data are calculated from the distributed parity. The RAID configured by Lexie requires at least three disks, but for robust performance, Lexie used seven disks. Based on the given information, which of the following RAID was configured and created by Lexie?

A.

RAID 3

B.

RAID 5

C.

RAID1

D.

RAID 0

SeaCloud Soft Pvt. Ltd. is an IT company that develops software and applications related to the healthcare industry. To safeguard the data and applications against The organization did not trust the cloud service attackers, the organization adopted cloud computing. provider; therefore, it Implemented an encryption technique that secures data during communication and storage. SeaCloud Soft Pvt. Ltd. performed computation on the encrypted data and then sent the data to the cloud service provider. Based on the given information, which of the following encryption techniques was implemented by SeaCloud Soft Pvt. Ltd.?

A.

Ciphertext attribute based encryption

B.

Fully homomorphic encryption

C.

Key policy attribute-based encryption

D.

Identity-based encryption