Trevor Noah works as a cloud security engineer in an IT company located in Seattle, Washington. Trevor has implemented a disaster recovery approach that runs a scaled-down version of a fully functional environment in the cloud. This method is most suitable for his organization’s core business-critical functions and solutions that require the RTO and RPO to be within minutes.

Based on the given information, which of the following disaster recovery approach is implemented by Trevor?

Reveal Solution Hide Solution

You are the manager of a cloud-based security platform that offers critical services to government agencies and private companies. One morning, your team receives an alert from the platform’s intrusion detection system indicating that there has been a potential breach in the system.

As the manager, which tool you will use for viewing and monitoring the sensitive data by scanning storage systems and reviewing the access rights to critical resources via a single centralized dashboard?

Reveal Solution Hide Solution

An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It

established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack.

Subsequently, the incident response team made the website and database server offline.

In which of the following steps of the incident response lifecycle, the incident team determined to make that decision?

Reveal Solution Hide Solution

Global SciTech Pvt. Ltd. is an IT company that develops healthcare-related software. Using an incident detection system (IDS) and antivirus software, the incident response team of the organization has observed that attackers are targeting the organizational network to gain access to the resources in the on-premises environment. Therefore, their team of cloud security engineers met with a cloud service provider to discuss the various security provisions offered by the cloud service provider. While discussing the security of the organization’s virtual machine in the cloud environment, the cloud service provider stated that the Network Security Groups (NSGs) will secure the VM by allowing or denying network traffic to VM instances in a virtual network based on inbound and outbound security rules.

Which of the following cloud service provider filters the VM network traffic in a virtual network using NSGs?

Reveal Solution Hide Solution

TetraSoft Pvt. Ltd. is an IT company that provides software and application services to numerous customers across the globe. In 2015, the organization migrated its applications and data from on-premises to the AWS cloud environment. The cloud security team of TetraSoft Pvt. Ltd. suspected that the EC2 instance that launched the core application of the organization is compromised. Given below are randomly arranged steps involved in the forensic acquisition of an EC2 instance.

In this scenario, when should the investigators ensure that a forensic instance is in the terminated state?

Reveal Solution Hide Solution

Georgia Lyman is a cloud security engineer; she wants to detect unusual activities in her organizational Azure account. For this, she wants to create alerts for unauthorized activities with their severity level to prioritize the alert that should be investigated first.

Which Azure service can help her in detecting the severity and creating alerts?

Reveal Solution Hide Solution

QuickServ Solutions is an organization that wants to migrate to the cloud. It is in the phase of signing an agreement with a cloud vendor. For that, QuickServ Solutions must assess the current vendor procurement process to determine how the company can mitigate cloud-related risks.

How can the company accomplish that?

Reveal Solution Hide Solution

Thomas Gibson is a cloud security engineer working in a multinational company. Thomas has created a Route 53 record set from his domain to a system in Florida, and a similar record to machines in Paris and Singapore.

Assume that network conditions remain unchanged and Thomas has hosted the application on Amazon EC2 instance; moreover, multiple instances of the application are deployed on different EC2 regions. When a user located in London visits Thomas’s domain, to which location does Amazon Route 53 route the user request?

Reveal Solution Hide Solution

Assume you work for an IT company that collects user behavior data from an e-commerce web application. This data includes the user interactions with the applications, such as purchases, searches, saved items, etc. Capture this data, transform it into zip files, and load these massive volumes of zip files received from an application into Amazon S3.

Which AWS service would you use to do this?

Reveal Solution Hide Solution

Kevin Ryan has been working as a cloud security engineer over the past 2 years in a multinational company, which uses AWS-based cloud services. He launched an EC2 instance with Amazon Linux AMI. By disabling password-based remote logins, Kevin wants to eliminate all possible loopholes through which an attacker can exploit a user account remotely. To disable password-based remote logins, using the text editor, Kevin opened the /etc/ssh/sshd_config file and found the #PermitRootLogin yes line.

Which of the following command lines should Kevin use to change the #PermitRootLogin yes line to disable password-based remote logins?

Reveal Solution Hide Solution