최신 312-40 무료덤프 - EC-COUNCIL EC-Council Certified Cloud Security Engineer (CCSE)
Chris Noth has recently joined CloudAppSec Private Ltd. as a cloud security engineer. Owing to several instances of malicious activities performed by former employees on his organization's applications and data that reside in an on-premises environment, in 2010, his organization adopted cloud computing and migrated all applications and data to the cloud. Chris would like to manage user identities in cloud-based services and applications. Moreover, he wants to reduce the risk caused by the accounts of former users (employees) by ensuring that the users who leave the system can no longer log in to the system. Therefore, he has enforced an IAM standard that can automate the provisioning and de-provisioning of users when they enter and leave the system. Which of the following IAM standards is implemented by Chris Noth?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Brentech Services allows its clients to access (read, write, or delete) Google Cloud Storage resources for a limited time without a Google account while it controls access to Cloud Storage. How does the organization accomplish this?
정답: A
Christina Hendricks recently joined an MNC as a cloud security engineer. Owing to robust provisions for storing an enormous quantity of data, security features, and cost-effective services offered by AWS, her organization migrated its applications and data from an on-premises environment to the AWS cloud.
Christina's organization generates structured, unstructured, and semi-structured data. Christina's team leader asked her to store block-level data in AWS storage services. Which of the following AWS storage services should be used by Christina to store block-level data?
Christina's organization generates structured, unstructured, and semi-structured data. Christina's team leader asked her to store block-level data in AWS storage services. Which of the following AWS storage services should be used by Christina to store block-level data?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Global SciTech Pvt. Ltd. is an IT company that develops healthcare-related software. Using an incident detection system (IDS) and antivirus software, the incident response team of the organization has observed that attackers are targeting the organizational network to gain access to the resources in the on-premises environment. Therefore, their team of cloud security engineers met with a cloud service provider to discuss the various security provisions offered by the cloud service provider. While discussing the security of the organization's virtual machine in the cloud environment, the cloud service provider stated that the Network Security Groups (NSGs) will secure the VM by allowing or denying network traffic to VM instances in a virtual network based on inbound and outbound security rules. Which of the following cloud service provider filters the VM network traffic in a virtual network using NSGs?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
The cloud administrator John was assigned a task to create a different subscription for each division of his organization. He has to ensure all the subscriptions are linked to a single Azure AD tenant and each subscription has identical role assignments. Which Azure service will he make use of?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Jayson Smith works as a cloud security engineer in CloudWorld SecCo Pvt. Ltd. This is a third-party vendor that provides connectivity and transport services between cloud service providers and cloud consumers. Select the actor that describes CloudWorld SecCo Pvt. Ltd. based on the NIST cloud deployment reference architecture?
정답: A
On database system of a hospital maintains rarely-accessed patients' data such as medical records including high-resolution images of ultrasound reports, MRI scans, and X-Ray reports for years. These records occupy a lot of space and need to be kept safe as it contains sensitive medical data. Which of the following Azure storage services best suitable for such rarely-accessed data with flexible latency requirement?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You are the manager of a cloud-based security platform that offers critical services to government agencies and private companies. One morning, your team receives an alert from the platform's intrusion detection system indicating that there has been a potential breach in the system. As the manager, which tool you will use for viewing and monitoring the sensitive data by scanning storage systems and reviewing the access rights to critical resources via a single centralized dashboard?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Kevin Ryan has been working as a cloud security engineer over the past 2 years in a multinational company, which uses AWS-based cloud services. He launched an EC2 instance with Amazon Linux AMI. By disabling password-based remote logins, Kevin wants to eliminate all possible loopholes through which an attacker can exploit a user account remotely. To disable password-based remote logins, using the text editor, Kevin opened the /etc/ssh/sshd_config file and found the #PermitRootLogin yes line. Which of the following command lines should Kevin use to change the #PermitRootLogin yes line to disable password-based remote logins?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Rebecca Mader has been working as a cloud security engineer in an IT company located in Detroit, Michigan.
Her organization uses AWS cloud-based services. An application is launched by a developer on an EC2 instance that needs access to the S3 bucket (photos). Rebecca created a get-pics service role and attached it to the EC2 instance. This service role comprises a permission policy that allows read-only access to the S3 bucket and a trust policy that allows the instance to assume the role and retrieve temporary credentials. The application uses the temporary credentials of the role to access the photo bucket when it runs on the instance.
Does the developer need to share or manage credentials or does the admin need to grant permission to the developer to access the photo bucket?
Her organization uses AWS cloud-based services. An application is launched by a developer on an EC2 instance that needs access to the S3 bucket (photos). Rebecca created a get-pics service role and attached it to the EC2 instance. This service role comprises a permission policy that allows read-only access to the S3 bucket and a trust policy that allows the instance to assume the role and retrieve temporary credentials. The application uses the temporary credentials of the role to access the photo bucket when it runs on the instance.
Does the developer need to share or manage credentials or does the admin need to grant permission to the developer to access the photo bucket?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)