EC-COUNCIL 312-40 問題集

質問 1：
SeaCloud Soft Pvt. Ltd. is an IT company that develops software and applications related to the healthcare industry. To safeguard the data and applications against The organization did not trust the cloud service attackers, the organization adopted cloud computing. provider; therefore, it Implemented an encryption technique that secures data during communication and storage. SeaCloud Soft Pvt. Ltd. performed computation on the encrypted data and then sent the data to the cloud service provider. Based on the given information, which of the following encryption techniques was implemented by SeaCloud Soft Pvt. Ltd.?
A. Identity-based encryption
B. Fully homomorphic encryption
C. Ciphertext attribute based encryption
D. Key policy attribute-based encryption
正解：B

質問 2：
Bruce McFee works as a cloud security engineer in an IT company. His organization uses AWS cloud-based services. Because Amazon CloudFront offers low-latency and high-speed data delivery through a user-friendly environment, Bruce's organization uses the CloudFront content delivery network (CDN) web service for the fast and secure distribution of data to various customers throughout the world. How does CloudFront accelerate content distribution?
A. By forwarding the requests of end users to the original source
B. By routing the requests of end users to the original source
C. By restricting the requests of end users from the nearest edge locations
D. By sending the requests of end users to the nearest edge locations
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 3：
An Azure organization wants to enforce its on-premises AD security and password policies to filter brute-force attacks. Instead of using legacy authentication, the users should sign in to on-premises and cloud-based applications using the same passwords in Azure AD. Which Azure AD feature can enable users to access Azure resources?
A. Azure AD Connect
B. Azure Automation
C. Azure Policy
D. Azure AD Pass Through Authentication
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 4：
A client wants to restrict access to its Google Cloud Platform (GCP) resources to a specified IP range by making a trust-list. Accordingly, the client limits GCP access to users in its organization network or grants company auditors access to a requested GCP resource only. Which of the following GCP services can help the client?
A. Cloud Router
B. Identity and Access Management
C. VPC Service Controls
D. Cloud IDS
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 5：
You are the manager of a cloud-based security platform that offers critical services to government agencies and private companies. One morning, your team receives an alert from the platform's intrusion detection system indicating that there has been a potential breach in the system. As the manager, which tool you will use for viewing and monitoring the sensitive data by scanning storage systems and reviewing the access rights to critical resources via a single centralized dashboard?
A. Google Cloud Security Scanner
B. Google Cloud Armor
C. Google Cloud Security Command Center
D. Cloud Identity and Access Management (IAM)
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 6：
An organization wants to securely connect to the AWS environment with a speed of 20 Gbps directly through its data centers, branch offices, and colocation facilities to ensure that its customers can securely access public (objects stored in Amazon S3) and private (limited access features such as VPC) resources by bypassing the internet service providers in the path. Which of the following AWS services can be helpful for the organization?
A. AWS Shield Standard
B. Amazon CloudFront
C. Amazon Direct Connect
D. Amazon EBS
正解：C

質問 7：
The tech giant TSC uses cloud for its operations. As a cloud user, it should implement an effective risk management lifecycle to measure and monitor high and critical risks regularly. Additionally, TSC should define what exactly should be measured and the acceptable variance to ensure timely mitigated risks. In this case, which of the following can be used as a tool for cloud risk management?
A. CSA CCM Framework
B. Cloud Security Alliance
C. Committee of Sponsoring Organizations
D. Information System Audit and Control Association
正解：A
解説: (Topexam メンバーにのみ表示されます)

質問 8：
Aidan McGraw is a cloud security engineer in a multinational company. In 2018, his organization deployed its workloads and data in a cloud environment. Aidan was given the responsibility of securing high-valued information that needs to be shared outside the organization from unauthorized intruders and hackers. He would like to protect sensitive information about his organization, which will be shared outside the organization, from attackers by encrypting the data and including user permissions inside the file containing this information. Which technology satisfies Aidan's requirements?
A. Identity and Access Management
B. Privileged User Management
C. System for Cross-Domain Identity Management
D. Information Rights Management
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 9：
Stephen Cyrus has been working as a cloud security engineer in an MNC over the past 7 years. The database administration team requested Stephen to configure a server instance that can enhance the performance of their new database server running on Compute Engine. The database is built on MySQL running on Debian Linux and it is used to import and normalize the company's performance statistics. They have an n2-standard-8 virtual machine with 80 GB of SSD zonal persistent disk, which cannot be restarted until the next maintenance event. Which of the following can help Stephen to enhance the performance of this VM quickly and in a cost-effective manner?
A. Dynamically resize the SSD persistent disk to 500 GB
B. Create a new VM that runs on PostgreSQL
C. Migrate their performance metrics warehouse to BigQuery
D. Enhance the VM memory to 60 GB
正解：A
解説: (Topexam メンバーにのみ表示されます)