The GCP environment of a company named Magnitude IT Solutions encountered a security incident. To respond to the incident, the Google Data Incident Response Team was divided based on the different aspects of the incident. Which member of the team has an authoritative knowledge of incidents and can be involved in different domains such as security, legal, product, and digital forensics?

Global SoftTechSol is a multinational company that provides customized software solutions and services to various clients located in different countries. It uses a public cloud to host its applications and services. Global SoftTechSol uses Cloud Debugger to inspect the current state of a running application in real-time, find bugs, and understand the behavior of the code in production. Identify the service provider that provides the Cloud Debugger feature to Global SoftTechSol?

YourTrustedCloud is a cloud service provider that provides cloud-based services to several multinational companies. The organization adheres to various frameworks and standards. YourTrustedCloud stores and processes credit card and payment-related data in the cloud environment and ensures the security of transactions and the credit card processing system. Based on the given information, which of the following standards does YourTrustedCloud adhere to?

Alice, a cloud forensic investigator, has located, a relevant evidence during his investigation of a security breach in an organization's Azure environment. As an investigator, he needs to sync different types of logs generated by Azure resources with Azure services for better monitoring. Which Azure logging and auditing feature can enable Alice to record information on the Azure subscription layer and obtain the evidence (information related to the operations performed on a specific resource, timestamp, status of the operation, and the user responsible for it)?

Allen Smith works as a cloud security engineer in a multinational company. Using an intrusion detection system, the incident response team of this company identified that an attacker has been continuously attacking the organization's AWS services. The team leader asked Allen to track the changes made to AWS resources and perform security analysis. Which AWS service can provide the AWS API call history for AWS accounts, including calls made via the AWS Management Console or Command Line tools, AWS Software Development Kits, and other AWS services to Allen?

A new public web application is deployed on AWS that will run behind an Application Load Balancer (ALB). An AWS security expert needs to encrypt the newly deployed application at the edge with an SSL/TLS certificate issued by an external certificate authority. In addition, he needs to ensure the rotation of the certificate yearly before it expires. Which of the following AWS services can be used to accomplish this?

An Azure organization wants to enforce its on-premises AD security and password policies to filter brute-force attacks. Instead of using legacy authentication, the users should sign in to on-premises and cloud-based applications using the same passwords in Azure AD. Which Azure AD feature can enable users to access Azure resources?

Sam, a cloud admin, works for a technology company that uses Azure resources. Because Azure contains the resources of numerous organizations and several alerts are received timely, it is difficult for the technology company to identify risky resources, determine their owner, know whether they are needed, and know who pays for them. How can Sam organize resources to determine this information immediately?

Daffod is an American cloud service provider that provides cloud-based services to customers worldwide. Several customers are adopting the cloud services provided by Daffod because they are secure and cost-effective. Daffod is compliant with the cloud computing law that protects the student information collected by educational institutions and their associated vendors. Based on the information given, which law does Daffod adhere to?

Kenneth Danziger has been working as a cloud security engineer in a multinational company. His organization uses AWS cloud-based services. Kenneth would like to review the changes in configuration and the relationships between AWS resources, examine the detailed resource configuration history, and determine the overall compliance of his organization against the configurations specified in internal guidelines. Which of the following AWS services enables Kenneth to assess, audit, and evaluate the configuration of AWS resources?

Elaine Grey has been working as a senior cloud security engineer in an IT company that develops software and applications related to the financial sector. Her organization would like to extend its storage capacity and automate disaster recovery workflows using a VMware private cloud. Which of the following storage options can be used by Elaine in the VMware virtualization environment to connect a VM directly to a LUN and access it from SAN?

Karen Gillan has recently joined an IT company as a cloud security engineer. Her organization would like to adopt cloud-based services to provide 24 x 7 customer support to its clients. It wants to transfer its customer database and transaction details along with the applications used for managing and supporting its customers.

Before migrating to cloud, which of the following analyses should be performed by Karen on the security capabilities and services provided by cloud service providers to understand the security requirements of the organization and those provided by the cloud service provider?

Teresa Palmer has been working as a cloud security engineer in a multinational company. Her organization contains a huge amount of data; if these data are transferred to AWS S3 through the internet, it will take weeks. Teresa's organization does not want to spend money on upgrading its internet to a high-speed internet connection. Therefore, Teresa has been sending large amounts of backup data (terabytes to petabytes) to AWS from on-premises using a physical device, which was provided by Amazon. The data in the physical device are imported and exported from and to AWS S3 buckets. This method of data transfer is cost-effective, secure, and faster than the internet for her organization. Based on the given information, which of the following AWS services is being used by Teresa?

Scott Herman works as a cloud security engineer in an IT company located in Ann Arbor, Michigan. His organization uses Office 365 Business Premium that provides Microsoft Teams, secure cloud storage, business email, premium Office applications across devices, advanced cyber threat protection, and device management.

Which of the following cloud computing service models does Microsoft Office 365 represent?

A client wants to restrict access to its Google Cloud Platform (GCP) resources to a specified IP range by making a trust-list. Accordingly, the client limits GCP access to users in its organization network or grants company auditors access to a requested GCP resource only. Which of the following GCP services can help the client?

On database system of a hospital maintains rarely-accessed patients' data such as medical records including high-resolution images of ultrasound reports, MRI scans, and X-Ray reports for years. These records occupy a lot of space and need to be kept safe as it contains sensitive medical data. Which of the following Azure storage services best suitable for such rarely-accessed data with flexible latency requirement?

Falcon Computers is an IT company that runs its IT infrastructure on the cloud. The organization must implement cloud governance in its corporate cloud environment to align its business vision with the cloud vision. Which of the following cloud governance components can help the organization to align the cloud vision and business vision?

A company is a third-party vendor for several organizations and provides them customized software and products to cater to their needs. It recently moved its infrastructure and applications on cloud. Its applications are not working on the cloud as expected. The developers and testers are experiencing significant difficulty in managing and deploying the code in the cloud. Which of the following will help them with automated integration, development, testing, and deployment in the cloud?

Chris Noth has been working as a senior cloud security engineer in CloudAppSec Private Ltd. His organization has selected a DRaaS (Disaster Recovery as a Service) company to provide a disaster recovery site that is fault tolerant and consists of fully redundant equipment with network connectivity and real-time data synchronization. Thus, if a disaster strikes Chris' organization, failover can be performed to the disaster recovery site with minimal downtime and zero data loss. Based on the given information, which disaster recovery site is provided by the DRaaS company to Chris' organization?

InternSoft Solution Pvt. Ltd. is an IT company located in Boston, Massachusetts. The IT and InfoSec teams of the organization uses CASP to customize access rules and automate compliance policies. Using CASP solutions, they could access the account activities in the cloud, which makes it easy for them to achieve compliance, data security, and threat protection. What is CASP?

A BPO company would like to expand its business and provide 24 x 7 customer service. Therefore, the organization wants to migrate to a fully functional cloud environment that provides all features with minimum maintenance and administration. Which cloud service model should it consider?

Scott Herman works as a cloud security engineer in an IT company. His organization has deployed a 3-tier web application in the same Google Cloud Virtual Private Cloud. Each tier (web interface (UI), API, and database) is scaled independently of others. Scott Herman obtained a requirement that the network traffic should always access the database using the API and any request coming directly from the web interface to the database should not be allowed. How should Scott configure the network with minimal steps?

Securelnfo Pvt. Ltd. has deployed all applications and data in the AWS cloud. The security team of this organization would like to examine the health of the organization's website regularly and switch (or failover) to a backup site if the primary website becomes unresponsive. Which of the following AWS services can provide DNS failover capabilities and health checks to ensure the availability of the organization's website?

QuickServ Solutions is an organization that wants to migrate to the cloud. It is in the phase of signing an agreement with a cloud vendor. For that, QuickServ Solutions must assess the current vendor procurement process to determine how the company can mitigate cloud-related risks. How can the company accomplish that?

A mid-sized company uses Azure as its primary cloud provider for its infrastructure. Its cloud security analysts are responsible for monitoring security events across multiple Azure resources (subscriptions, VMs, Storage, and SQL databases) and getting threat intelligence and intelligent security analytics throughout their organization. Which Azure service would the security analysts use to achieve their goal of having a centralized view of all the security events and alerts?

Trevor Noah works as a cloud security engineer in an IT company located in Seattle, Washington. Trevor has implemented a disaster recovery approach that runs a scaled-down version of a fully functional environment in the cloud. This method is most suitable for his organization's core business-critical functions and solutions that require the RTO and RPO to be within minutes. Based on the given information, which of the following disaster recovery approach is implemented by Trevor?

An organization, PARADIGM PlayStation, moved its infrastructure to a cloud as a security practice. It established an incident response team to monitor the hosted websites for security issues. While examining network access logs using SIEM, the incident response team came across some incidents that suggested that one of their websites was targeted by attackers and they successfully performed an SQL injection attack.

Subsequently, the incident response team made the website and database server offline. In which of the

following steps of the incident response lifecycle, the incident team determined to make that decision?

Teresa Ruiz works as a cloud security engineer in an IT company. In January 2021, the data deployed by her in the cloud environment was corrupted, which caused a tremendous loss to her organization. Therefore, her organization changed its cloud service provider. After deploying the workload and data in the new service provider's cloud environment, Teresa backed up the entire data of her organization. A new employee, Barbara Houston, who recently joined Teresa's organization as a cloud security engineer, only backed up those files that changed since the last executed backup. Which type of backup was performed by Barbara in the cloud?

The e-commerce platform www.evoucher.com observes overspending 15% to 30% due to unawareness of the mistakes in threat detection and security governance while using the services of its cloud provider AWS. It feels it requires a well-thought-out roadmap to improve its cloud journey. How can the company accelerate its cloud journey with desired outcomes and business value?

Stephen Cyrus has been working as a cloud security engineer in an MNC over the past 7 years. The database administration team requested Stephen to configure a server instance that can enhance the performance of their new database server running on Compute Engine. The database is built on MySQL running on Debian Linux and it is used to import and normalize the company's performance statistics. They have an n2-standard-8 virtual machine with 80 GB of SSD zonal persistent disk, which cannot be restarted until the next maintenance event. Which of the following can help Stephen to enhance the performance of this VM quickly and in a cost-effective manner?

Global SciTech Pvt. Ltd. is an IT company that develops healthcare-related software. Using an incident detection system (IDS) and antivirus software, the incident response team of the organization has observed that attackers are targeting the organizational network to gain access to the resources in the on-premises environment. Therefore, their team of cloud security engineers met with a cloud service provider to discuss the various security provisions offered by the cloud service provider. While discussing the security of the organization's virtual machine in the cloud environment, the cloud service provider stated that the Network Security Groups (NSGs) will secure the VM by allowing or denying network traffic to VM instances in a virtual network based on inbound and outbound security rules. Which of the following cloud service provider filters the VM network traffic in a virtual network using NSGs?

Cindy Williams works as a cloud security engineer in an IT company located in Seattle, Washington. Owing to the cost-effective security, governance, and storage features provided by AWS, her organization adopted AWS cloud-based services. Cindy would like to detect any unusual activity in her organization's AWS account. She would like to obtain the event history of her organization's AWS account activity for security analysis and resource change tracking. Which of the following AWS service enables operational auditing, compliance, governance, and risk auditing for her organization's AWS account?

Jerry Mulligan is employed by an IT company as a cloud security engineer. In 2014, his organization migrated all applications and data from on-premises to a cloud environment. Jerry would like to perform penetration testing to evaluate the security across virtual machines, installed apps, and OSes in the cloud environment, including conducting various security assessment steps against risks specific to the cloud that could expose them to serious threats. Which of the following cloud computing service models does not allow cloud penetration testing (CPEN) to Jerry?

Brentech Services allows its clients to access (read, write, or delete) Google Cloud Storage resources for a limited time without a Google account while it controls access to Cloud Storage. How does the organization accomplish this?

A large e-commerce company named ShopZone uses GCP to host its online store. Recently, the company noticed several errors reported by customers while trying to make purchases on their website. They suspect that there may be some issue with the payment processing system. To investigate this issue, the cloud forensic team of the company decided to look at the logs for the payment processing system and identify anomalies that may be causing the problem. Which of the following GCP log categories helps the team gain the relevant information?

TeratInfo Pvt. Ltd. is an IT company that develops software products and applications for financial

organizations. Owing to the cost-effective storage features and robust services provided by cloud computing, TeratInfo Pvt. Ltd. adopted cloud-based services. Recently, its security team observed a dip in the organizational system performance. Susan, a cloud security engineer, reviewed the list of publicly accessible resources, security groups, routing tables, ACLs, subnets, and IAM policies. What is this process called?

Andrew Gerrard has been working as a cloud security engineer in an MNC for the past 3 years. His organization uses cloud-based services and it has implemented a DR plan. Andrew wants to ensure that the DR plan works efficiently and his organization can recover and continue with its normal operation when a disaster strikes.

Therefore, the owner of the DR plan, Andrew, and other team members involved in the development and implementation of the DR plan examined it to determine the inconsistencies and missing elements. Based on the given scenario, which of the following type of DR testing was performed in Andrew's organization?