- All Exams Instant Download
What can the organization do initially to avoid the legal implications of moving data between two AWS regions for analysis?
A security incident has occurred within an organization's AWS environment. A cloud forensic investigation procedure is initiated for the acquisition of forensic evidence from the compromised EC2 instances. However, it is essential to abide by the data privacy laws while provisioning any forensic instance and sending it for analysis. What...
Which of the following GCP services can help the client?
A client wants to restrict access to its Google Cloud Platform (GCP) resources to a specified IP range by making a trust-list. Accordingly, the client limits GCP access to users in its organization network or grants company auditors access to a requested GCP resource only. Which of the following GCP...
Which member of the team has an authoritative knowledge of incidents and can be involved in different domains such as security, legal, product, and digital forensics?
The GCP environment of a company named Magnitude IT Solutions encountered a security incident. To respond to the incident, the Google Data Incident Response Team was divided based on the different aspects of the incident. Which member of the team has an authoritative knowledge of incidents and can be involved...
Terry Diab has an experience of 6 years as a cloud security engineer. She recently joined a multinational company as a senior cloud security engineer. Terry learned that there is a high probability that her organizational applications could be hacked and user data such as passwords, usernames, and account information can be exploited by an attacker. The organizational applications have not yet been hacked, but this issue requires urgent action. Therefore, Terry, along with her team, released a software update that is designed to resolve this problem instantly with a quick-release procedure. Terry successfully fixed the problem (bug) in the software product immediately without following the normal quality assurance procedures. Terry's team resolved the problem immediately on the live system with zero downtime for users. Based on the given information, which of the following type of update was implemented by Terry?
Terry Diab has an experience of 6 years as a cloud security engineer. She recently joined a multinational company as a senior cloud security engineer. Terry learned that there is a high probability that her organizational applications could be hacked and user data such as passwords, usernames, and account information...
Based on the given information, which deletion method was implemented by Rebecca?
Rebecca Gibel has been working as a cloud security engineer in an IT company for the past 5 years. Her organization uses cloud-based services. Rebecca's organization contains personal information about its clients,which is encrypted and stored in the cloud environment. The CEO of her organization has asked Rebecca to delete...
What will happen when Shannon enables JIT VM access?
Shannon Elizabeth works as a cloud security engineer in VicPro Soft Pvt. Ltd. Microsoft Azure provides all cloud-based services to her organization. Shannon created a resource group (ProdRes), and then created a virtual machine (myprodvm) in the resource group. On myprodvm virtual machine, she enabled JIT from the Azure Security...
Identify the next step in the investigation of the security incident in Azure?
An IT company uses two resource groups, named Production-group and Security-group, under the same subscription ID. Under the Production-group, a VM called Ubuntu18 is suspected to be compromised. As a forensic investigator, you need to take a snapshot (ubuntudisksnap) of the OS disk of the suspect virtual machine Ubuntu18 for...
Which step of the incident response lifecycle includes the lessons learned from previous attacks and analyzes and documents the incident to understand what should be improved?
Shell Solutions Pvt. Ltd. is an IT company that develops software products and services for BPO companies. The organization became a victim of a cybersecurity attack. Therefore, it migrated its applications and workloads from on-premises to a cloud environment. Immediately, the organization established an incident response team to prevent such...
Which of the following Amazon services is suitable for the requirements of the organization?
An organization is developing a new AWS multitier web application with complex queries and table joins. However, because the organization is small with limited staff, it requires high availability. Which of the following Amazon services is suitable for the requirements of the organization?A . Amazon HSMB . Amazon SnowballC ....
An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory. In this scenario, which standard is applicable for cloud security auditing that enables the management of customer data?
An organization wants to detect its hidden cloud infrastructure by auditing its cloud environment and resources such that it shuts down unused/unwanted workloads, saves money, minimizes security risks, and optimizes its cloud inventory. In this scenario, which standard is applicable for cloud security auditing that enables the management of customer...
