Which cloud service model should it consider?
A BPO company would like to expand its business and provide 24 x 7 customer service. Therefore, the organization wants to migrate to a fully functional cloud environment that provides all features with minimum maintenance and administration. Which cloud service model should it consider?A . laaSB . PaaSC . RaaSD...
Which Azure service can help her in detecting the severity and creating alerts?
Georgia Lyman is a cloud security engineer; she wants to detect unusual activities in her organizational Azure account. For this, she wants to create alerts for unauthorized activities with their severity level to prioritize the alert that should be investigated first. Which Azure service can help her in detecting the...
How can Georgia eliminate the data transfer capacity thresholds imposed on a virtual server by its virtualized environment?
Georgia Lyman works as a cloud security engineer in a multinational company. Her organization uses cloud-based services. Its virtualized networks and associated virtualized resources encountered certain capacity limitations that affected the data transfer performance and virtual server communication. How can Georgia eliminate the data transfer capacity thresholds imposed on a...
Which of the following commands should William try to create a new user access key ID and secret key for a user?
William O'Neil works as a cloud security engineer in an IT company located in Tampa, Florida. To create an access key with normal user accounts, he would like to test whether it is possible to escalate privileges to obtain AWS administrator account access. Which of the following commands should William...
If Ray turns off the VM, what will happen?
Ray Nicholson works as a senior cloud security engineer in TerraCloud Sec Pvt. Ltd. His organization deployed all applications in a cloud environment in various virtual machines. Using IDS, Ray identified that an attacker compromised a particular VM. He would like to limit the scope of the incident and protect...
Which of the following would have prevented this security breach and exploitation?
SevocSoft Private Ltd. is an IT company that develops software and applications for the banking sector. The security team of the organization found a security incident caused by misconfiguration in Infrastructure-as-Code (laC) templates. Upon further investigation, the security team found that the server configuration was built using a misconfigured laC...
Which of the following AWS service allows secure hosted queue server-side encryption (SSE), or uses custom SSE keys managed in AWS Key Management Service (AWS KMS)?
A web server passes the reservation information to an application server and then the application server queries an Airline service. Which of the following AWS service allows secure hosted queue server-side encryption (SSE), or uses custom SSE keys managed in AWS Key Management Service (AWS KMS)?A . Amazon Simple WorkflowB...
What can the organization do initially to avoid the legal implications of moving data between two AWS regions for analysis?
A security incident has occurred within an organization's AWS environment. A cloud forensic investigation procedure is initiated for the acquisition of forensic evidence from the compromised EC2 instances. However, it is essential to abide by the data privacy laws while provisioning any forensic instance and sending it for analysis. What...
Which of the following GCP services can help the client?
A client wants to restrict access to its Google Cloud Platform (GCP) resources to a specified IP range by making a trust-list. Accordingly, the client limits GCP access to users in its organization network or grants company auditors access to a requested GCP resource only. Which of the following GCP...
Which member of the team has an authoritative knowledge of incidents and can be involved in different domains such as security, legal, product, and digital forensics?
The GCP environment of a company named Magnitude IT Solutions encountered a security incident. To respond to the incident, the Google Data Incident Response Team was divided based on the different aspects of the incident. Which member of the team has an authoritative knowledge of incidents and can be involved...