Exam 6: Securing Cloud Resources

Petyr has been called into Fictional Corp to perform a security audit of their systems. One of the things that he notes on his report is that the sales department is using FTP to remotely upload scanned copies of physical order sheets from customers. Why is this an issue?

Jorah is performing an analysis of some of the systems and protocols his company uses. Which of the following, if found in use, should he recommend discontinuing? (Select all that apply)

Jamie is head of security at his company and has gotten an alert from the monitoring system that the web servers are receiving a sudden spike in traffic from a number of foreign IP addresses. This is causing the website to run very slow or return errors to some users. Which of the following is most likely occurring?

Brienne is trying to access one of her company's websites but gets an error message about not being able to trust the website. Which of the following has most likely occurred?

Samwell wants to create a lightly protected subnet within the VNet that acts as a filter between the Internet and the other internal network resources. Which of the following describes the type of subnet that he is looking to deploy?

Arya is looking to install a security appliance that is designed to detect applications and other resources running within the domain and monitor them according to her organization's policies. Which of the following would she want to implement?

Daenerys is examining the logs of one of the Linux servers as part of a standard auditing process. She comes across a number of entries showing that an administrative account has logged in from a foreign IP address many times over the past six months. She knows that the company doesn't have any operations in the country that the IP address is assigned to. Which of the following might describe the type of attack that has occurred?

Cersei wants to protect the application servers within her cloud deployment by implementing granular control of the traffic and workflows in the deployment. Which of the following would she implement?

Missandei's manager has asked her to implement microsegmentation for her company's cloud deployment. She wasn't overly familiar with this term and upon researching came across the reasoning to implement this as being that nothing should be trusted in a cloud environment and every system, communication, and user is considered a threat until proven otherwise. Which of the following concepts does this describe?

Tommen is doing an audit and finds that the firewall still includes some rules for some Windows servers that no longer exist in a VPC. The remaining servers all run a variant of Linux. Which of the following rules should he delete from the firewall?

Tormund has created a set of firewall rules and has noticed that when there is traffic that matches a rule, the traffic allowed in one direction automatically allows traffic in the other direction for an active connection as long as there is at least one message going in either direction within 10 minutes. What is the name of that type of firewall?

Gendry has been learning more about security within the cloud after hearing that it is a hot topic within the IT industry. He starts reading up on SHA-3 being used for hashing. Which of the following best describes SHA-3?

Bronn is examining the log files and notices a constant stream of traffic initializing sessions to an FTP server coming from a single IP address. Which of the following is most likely occurring?

Meera notices someone entering a side door of her company's facility, but did not swipe a badge on the proximity badge reader before being able to open the door, even though there is a badge reader installed. Which of the following may have occurred?

Davos has been reading about encryption recently. He begins to wonder how anything can be secure if everyone is using the same set of algorithms. After all, anyone using the same algorithm would be able to decrypt anything that had been encrypted using that algorithm. Which of the following helps make the data unusable by anyone else using that same encryption scheme without having this information?

Stannis wants to block any traffic that uses insecure protocols from entering his VPC. Which of the following might he use to accomplish that goal?

Khal has set up a new web server on the company's private cloud. He has installed the security certificate necessary so that the application can be accessed by HTTPS. He isn't overly familiar with how these certificates work, so he decides to read up on the details. He learns that there is a pair of keys used to encrypt and decrypt the initial communications. Which of the following is the key that does not get sent to the browser?

Euron has received several complaints that none of the users can access the company's resources that are hosted on a cloud service provider. The company has a piece of hardware installed that provides a VPN tunnel to the CSP. Upon entering the data center, he sees that all of the lights are off on the device. He unplugs it and plugs it back in and does not see any changes. Which of the following has most likely occurred?

Ellaria is analyzing the infrastructure that her organization uses and sees that the first rule of the firewall is as shown below. Which of the following is probably true?

Shae wants to implement antivirus in her cloud environments. Where should she look at installing this protection to be most effective?