ExamGecko
Search Search Login
Home Home / ECCouncil / 312-40
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The TCK Bank adopts cloud for storing the private data of its customers. The bank usually explains its information sharing practices to its customers and safeguards sensitive data. However, there exist some security loopholes in its information sharing practices. Therefore, hackers could steal the critical data of the bank's customers. In this situation, under which cloud compliance framework will the bank be penalized?
An organization is developing a new AWS multitier web application with complex queries and table joins. However, because the organization is small with limited staff, it requires high availability. Which of the following Amazon services is suitable for the requirements of the organization?
Kenneth Danziger has been working as a cloud security engineer in a multinational company. His organization uses AWS cloud-based services. Kenneth would like to review the changes in configuration and the relationships between AWS resources, examine the detailed resource configuration history, and determine the overall compliance of his organization against the configurations specified in internal guidelines. Which of the following AWS services enables Kenneth to assess, audit, and evaluate the configuration of AWS resources?
A cloud organization, AZS, wants to maintain homogeneity in its cloud operations because the CPU speed measured by AZS varies and the measurement units lack consistency in the standards. For example, AWS defines the CPU speed with Elastic Compute Unit, Google with Google Compute Engine Unit, and Microsoft with clock speed. Here, which cloud computing standard can leverage frameworks and architectures specific to the cloud for maintaining homogeneity in operations?
Alice, a cloud forensic investigator, has located, a relevant evidence during his investigation of a security breach in an organization's Azure environment. As an investigator, he needs to sync different types of logs generated by Azure resources with Azure services for better monitoring. Which Azure logging and auditing feature can enable Alice to record information on the Azure subscription layer and obtain the evidence (information related to the operations performed on a specific resource, timestamp, status of the operation, and the user responsible for it)?
YourTrustedCloud is a cloud service provider that provides cloud-based services to several multinational companies. The organization adheres to various frameworks and standards. YourTrustedCloud stores and processes credit card and payment-related data in the cloud environment and ensures the security of transactions and the credit card processing system. Based on the given information, which of the following standards does YourTrustedCloud adhere to?
Steven Smith has been working as a cloud security engineer in an MNC for the past 4 years. His organization uses AWS cloud-based services. Steven handles a complex application on AWS that has several resources and it is difficult for him to manage these resources. Which of the following AWS services allows Steven to make a set of related AWS resources easily and use or provision them in an orderly manner so that he can spend less time managing resources and more time on the applications that run in the AWS environment?
Jerry Mulligan is employed by an IT company as a cloud security engineer. In 2014, his organization migrated all applications and data from on-premises to a cloud environment. Jerry would like to perform penetration testing to evaluate the security across virtual machines, installed apps, and OSes in the cloud environment, including conducting various security assessment steps against risks specific to the cloud that could expose them to serious threats. Which of the following cloud computing service models does not allow cloud penetration testing (CPEN) to Jerry?
Teresa Ruiz works as a cloud security engineer in an IT company. In January 2021, the data deployed by her in the cloud environment was corrupted, which caused a tremendous loss to her organization. Therefore, her organization changed its cloud service provider. After deploying the workload and data in the new service provider's cloud environment, Teresa backed up the entire data of her organization. A new employee, Barbara Houston, who recently joined Teresa's organization as a cloud security engineer, only backed up those files that changed since the last executed backup. Which type of backup was performed by Barbara in the cloud?
A client wants to restrict access to its Google Cloud Platform (GCP) resources to a specified IP range by making a trust-list. Accordingly, the client limits GCP access to users in its organization network or grants company auditors access to a requested GCP resource only. Which of the following GCP services can help the client?

Question 104 - 312-40 discussion

Report
Export

Jordon Bridges works as a cloud security engineer in a multinational company. His organization uses Google cloud-based services (GC) because Google cloud provides robust security services, better pricing than competitors, improved performance, and redundant backup. Using IAM security configuration, Jordon implemented the principle of least privilege. A GC IAM member could be a Google account, service account, Google group, G Suite, or cloud identity domain with an identity to access Google cloud resources. Which of the following identities is used by GC IAM members to access Google cloud resources?

A.
For Google Account, Google group, and service account, the identity used is the domain name, whereas in G Suite and cloud identity domain, the identity used is an email address.
Answers
A.
For Google Account, Google group, and service account, the identity used is the domain name, whereas in G Suite and cloud identity domain, the identity used is an email address.
B.
For Google Account, Google group, and service account, the identity used is an email address, whereas in G Suite and cloud identity domain, the identity used is the domain name.
Answers
B.
For Google Account, Google group, and service account, the identity used is an email address, whereas in G Suite and cloud identity domain, the identity used is the domain name.
C.
For Google Account, Google group, and G suite, the identity used is the domain name, whereas in service account and cloud identity domain, the identity used is an email address.
Answers
C.
For Google Account, Google group, and G suite, the identity used is the domain name, whereas in service account and cloud identity domain, the identity used is an email address.
D.
For Google Account, Google group, and G suite, the identity used is an email address, whereas in service account and cloud identity domain, the identity used is the domain name.
Answers
D.
For Google Account, Google group, and G suite, the identity used is an email address, whereas in service account and cloud identity domain, the identity used is the domain name.
Suggested answer: B

Explanation:

1.Google Cloud IAM Members: In Google Cloud IAM, members can be individuals or entities that interact with Google Cloud resources. These members are assigned roles that grant them permissions to perform specific actions1.

1.Identity Types: The identities used by IAM members to access Google Cloud resources are typically email addresses or domain names, depending on the type of member1.

1.Email Address as Identity: For a Google Account, Google group, and service account, the identity is generally an email address. This email address is used to uniquely identify the member within Google Cloud's IAM system1.

1.Domain Name as Identity: For G Suite and Cloud Identity domains, the identity is the domain name associated with the organization's account. This domain name represents the collective identity of the organization within Google Cloud1.

1.Access to Resources: IAM members use these identities to authenticate and gain access to Google Cloud resources as per the permissions defined by their assigned roles1.

Medium article on IAM Demystified1.

Show Answer
asked 18/09/2024
stefano nicoletti
35 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms