DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

ECCouncil 312-40 Exam Questions and Answers, EC-Council Certified Cloud Security Engineer | SPOTO

SPOTO's latest exam dumps on the homepage, with a 100% pass rate! SPOTO delivers authentic Cisco CCNA, CCNP study materials, CCIE Lab solutions, PMP, CISA, CISM, AWS, and Palo Alto exam dumps. Our comprehensive study materials are meticulously aligned with the latest exam objectives. With a proven track record, we have enabled thousands of candidates worldwide to pass their IT certifications on their first attempt. Over the past 20+ years, SPOTO has successfully placed numerous IT professionals in Fortune 500 companies.
Take other online exams
Question #1
Cindy Williams has been working as a cloud security engineer in an IT company situated in Austin, Texas. Owing to the robust security and cost-effective features provided by AWS, her organization adopted AWS cloud-based services. Cindy has deployed an application in the Amazon Elastic Compute Cloud (EC2) instance. Which of the following cloud computing service model does the Amazon EC2 instance represent?
A. SaaS
B. DaaS
C. PaaS
D. IaaS
View answer
Correct Answer: D
Question #2
Gabriel Bateman has been working as a cloud security engineer in an IT company for the past 5?years. Owing to the recent onset of the COVID-19 pandemic, his organization has given the provision to work from home to all employees. Gabriel’s organization uses Microsoft Office 365 that allows all employees access files, emails, and other Office programs securely from various locations on multiple devices. Who among the following is responsible for patch management in Microsoft Office 365?
A. Both Gabriel’s organization and Microsoft share responsibilities for patch management
B. Gabriel’s organization should outsource patch management to a third party
C. Gabriel’s organization is entirely responsible for patch management
D. Microsoft is entirely responsible for patch management
View answer
Correct Answer: D
Question #3
Daffod is an American cloud service provider that provides cloud-based services to customers worldwide. Several customers are adopting the cloud services provided by Daffod because they are secure and cost- effective. Daffod complies with the cloud computing law enacted in the US to realize the importance of information security in the economic and national security interests of the US. Based on the given information, which law order does Daffod adhere to?
A. FERPA
B. CLOUD
C. FISMA
D. ECPA
View answer
Correct Answer: C
Question #4
Aidan McGraw is a cloud security engineer in a multinational company. In 2018, his organization deployed its workloads and data in a cloud environment. Aidan was given the responsibility of securing high-valued information that needs to be shared outside the organization from unauthorized intruders and hackers. He would like to protect sensitive information about his organization, which will be shared outside the organization, from attackers by encrypting the data and including user permissions inside the f
A. Information Rights Management
B. Identity and Access Management
C. System for Cross-Domain Identity Management
D. Privileged User Management
View answer
Correct Answer: A
Question #5
Billy Pratt works as a cloud security engineer in an MNC. In 2012, his organization transferred all applications and data into an AWS cloud environment. Billy would like to analyze, investigate, and identify the root cause of malicious activities in his organization’s AWS cloud environment. Which of the following Amazon services automatically collects data from various AWS resources and utilizes machine learning, statistical analysis, and graph theory to provide a unified and interactive view of resources a
A. Amazon Inspector
B. Amazon Detective
C. Amazon GuardDuty
D. Amazon Macie
View answer
Correct Answer: B
Question #6
The TCK Bank adopts cloud for storing the private data of its customers. The bank usually explains its information sharing practices to its customers and safeguards sensitive data. However, there exist some security loopholes in its information sharing practices. Therefore, hackers could steal the critical data of the bank’s customers. In this situation, under which cloud compliance framework will the bank be penalized?
A. ITAR
B. GLBA
C. NIST
D. GDPR
View answer
Correct Answer: B
Question #7
Billy Pratt works as a cloud security engineer in an MNC. In 2012, his organization transferred all applications and data into an AWS cloud environment. Billy would like to analyze, investigate, and identify the root cause of malicious activities in his organization’s AWS cloud environment. Which of the following Amazon services automatically collects data from various AWS resources and utilizes machine learning, statistical analysis, and graph theory to provide a unified and interactive view of resources a
A. Amazon Inspector
B. Amazon Detective
C. Amazon GuardDuty
D. Amazon Macie
View answer
Correct Answer: B
Question #8
Lexie Roth works as a cloud security engineer in an IT company located in Boston, Massachusetts. Her organization generates a huge amount of data. To increase the storage size, speed, and fault tolerance, Lexie would like to configure and create a RAID. Therefore, she created a RAID on Windows Server 2016, which includes block-level striping with a distributed parity. The parity information is distributed among all drives, except one. The data chunks in the RAID are larger than the regular I/O size, but the
A. RAID 3
B. RAID 5
C. RAID 1
D. RAID 0
View answer
Correct Answer: B
Question #9
An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack. Subsequently, the incident response team made the website and database server offline. In whi
A. Containment
B. Analysis
C. Coordination and information sharing
D. Post-mortem
View answer
Correct Answer: A
Question #10
An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory. In this scenario, which standard is applicable for cloud security auditing that enables the management of customer data?
A. Cloud Security Alliance
B. ISO 27001 & 27002
C. SOC2
D. NIST SP800-53 rev 4
View answer
Correct Answer: B
Question #11
An IT organization named WITEC Solutions has adopted cloud computing. The organization must manage risks to keep its business data and services secure and running by gaining knowledge about the approaches suitable for specific risks. Which risk management approach can compensate the organization if it loses sensitive data owing to the risk of an activity?
A. Risk mitigation
B. Risk acceptance
C. Risk avoidance
D. Risk transference
View answer
Correct Answer: D
Question #12
Lexie Roth works as a cloud security engineer in an IT company located in Boston, Massachusetts. Her organization generates a huge amount of data. To increase the storage size, speed, and fault tolerance, Lexie would like to configure and create a RAID. Therefore, she created a RAID on Windows Server 2016, which includes block-level striping with a distributed parity. The parity information is distributed among all drives, except one. The data chunks in the RAID are larger than the regular I/O size, but the
A. RAID 3
B. RAID 5
C. RAID 1
D. RAID 0
View answer
Correct Answer: B
Question #13
Cindy Williams has been working as a cloud security engineer in an IT company situated in Austin, Texas. Owing to the robust security and cost-effective features provided by AWS, her organization adopted AWS cloud-based services. Cindy has deployed an application in the Amazon Elastic Compute Cloud (EC2) instance. Which of the following cloud computing service model does the Amazon EC2 instance represent?
A. SaaS
B. DaaS
C. PaaS
D. IaaS
View answer
Correct Answer: D
Question #14
Global CloudEnv is a cloud service provider that provides various cloud-based services to cloud consumers. The cloud service provider adheres to the framework that can be used as a tool to systematically assess cloud implementation by providing guidance on the security controls that should be implemented by specific actors within the cloud supply chain. It is used as the standard to assess the security posture of organizations on the Security, Trust, Assurance, and Risk (STAR) registry. Based on the given i
A. CDMI
B. CSA CAIQ
C. CSA CCM
D. ITU-T X
View answer
Correct Answer: C
Question #15
Global SoftTechSol is a multinational company that provides customized software solutions and services to various clients located in different countries. It uses a public cloud to host its applications and services. Global SoftTechSol uses Cloud Debugger to inspect the current state of a running application in real-time, find bugs, and understand the behavior of the code in production. Identify the service provider that provides the Cloud Debugger feature to Global SoftTechSol?
A. Google
B. IBM
C. Azure
D. AWS
View answer
Correct Answer: A
Question #16
Kelsey Lewis has been working as a cloud security engineer in a BPO company that provides 24?×?7 customer service. Owing to the cost-effective storage and security features provided by cloud computing, her organization adopted the cloud environment 4?years ago. Kelsey implemented the TLS protocol to provide security to e-mail communications, voice over IP (VoIP) communication, web traffic, messaging clients, file transfers, and internet services (Domain Name Service (DNS) and Network Time Protocol (NTP)). W
A. X
B. X
C. X
D. X
View answer
Correct Answer: D
Question #17
Cindy Williams has been working as a cloud security engineer in an IT company situated in Austin, Texas. Owing to the robust security and cost-effective features provided by AWS, her organization adopted AWS cloud-based services. Cindy has deployed an application in the Amazon Elastic Compute Cloud (EC2) instance. Which of the following cloud computing service model does the Amazon EC2 instance represent?
A. PaaS
B. laaS
C. SaaS
D. DaaS
View answer
Correct Answer: B
Question #18
The TCK Bank adopts cloud for storing the private data of its customers. The bank usually explains its information sharing practices to its customers and safeguards sensitive data. However, there exist some security loopholes in its information sharing practices. Therefore, hackers could steal the critical data of the bank’s customers. In this situation, under which cloud compliance framework will the bank be penalized?
A. ITAR
B. GLBA
C. NIST
D. GDPR
View answer
Correct Answer: B
Question #19
Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider. Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom’s
A. Software-as-a-Service
B. On-Premises
C. Infrastructure-as-a-Service
D. Platform-as-a-Service
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.