312-40 Exam Details

  • Exam Code
    :312-40
  • Exam Name
    :EC-Council Certified Cloud Security Engineer (CCSE)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :147 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 312-40 Online Questions & Answers

  • Question 121:

    Sam, a cloud admin, works for a technology company that uses Azure resources. Because Azure contains the resources of numerous organizations and several alerts are received timely, it is difficult for the technology company to identify risky resources, determine their owner, know whether they are needed, and know who pays for them. How can Sam organize resources to determine this information immediately?

    A. By using tags
    B. By setting up Azure Front Door
    C. By configuring workflow automation
    D. By using ASC Data Connector

  • Question 122:

    Tom Holland works as a cloud security engineer in an IT company located in Lansing, Michigan. His organization has adopted cloud-based services wherein user access, application, and data security are the responsibilities of the organization, and the OS, hypervisor, physical, infrastructure, and network security are the responsibilities of the cloud service provider. Based on the aforementioned cloud security shared responsibilities, which of the following cloud computing service models is enforced in Tom's organization?

    A. Infrastructure-as-a-Service
    B. Platform-as-a-Service
    C. On-Premises
    D. Software-as-a-Service

  • Question 123:

    Daffod is an American cloud service provider that provides cloud-based services to customers worldwide.

    Several customers are adopting the cloud services provided by Daffod because they are secure and cost-effective. Daffod complies with the cloud computing law enacted in the US to realize the importance of information security in the economic and national security interests of the US. Based on the given information, which law order does Daffod adhere to?

    A. FERPA
    B. CLOUD
    C. FISMA
    D. ECPA

  • Question 124:

    Kevin Ryan has been working as a cloud security engineer over the past 2 years in a multinational company, which uses AWS-based cloud services. He launched an EC2 instance with Amazon Linux AMI. By disabling password-based remote logins, Kevin wants to eliminate all possible loopholes through which an attacker can exploit a user account remotely. To disable password-based remote logins, using the text editor, Kevin opened the /etc/ssh/sshd_config file and found the #PermitRootLogin yes line. Which of the following command lines should Kevin use to change the #PermitRootLogin yes line to disable password-based remote logins?

    A. PermitRootLogin without-password
    B. PermitRootLogin without./password/disable
    C. PermitRootLogin without./password
    D. PermitRootLogin without-password/disable

  • Question 125:

    The organization TechWorld Ltd. used cloud for its business. It operates from an EU country (Poland and Greece). Currently, the organization gathers and processes the data of only EU users. Once, the organization experienced a severe security breach, resulting in loss of critical user data. In such a case, along with its cloud service provider, the organization should be held responsible for non-compliance or breaches. Under which cloud compliance framework will the company and cloud provider be penalized?

    A. GDPR
    B. NIST
    C. ITAR
    D. HIPAA

  • Question 126:

    Being a cloud security administrator, Jonathan is responsible for securing the large-scale cloud infrastructure of his organization SpectrumIT Solutions. The organization has to implement a threat detection and analysis system so that Jonathan would receive alerts regarding all misconfigurations and network intrusions in the organization's cloud infrastructure. Which AWS service would enable him to use to receive alerts related to risks?

    A. Amazon SQS
    B. Amazon VPC
    C. Amazon SNS
    D. Amazon GuardDuty

  • Question 127:

    On database system of a hospital maintains rarely-accessed patients' data such as medical records including high-resolution images of ultrasound reports, MRI scans, and X-Ray reports for years. These records occupy a lot of space and need to be kept safe as it contains sensitive medical data. Which of the following Azure storage services best suitable for such rarely-accessed data with flexible latency requirement?

    A. Azure Backup: Restore-as-a-Service
    B. Azure File Sync
    C. Azure Archive Storage
    D. Azure Recovery Services Vault

  • Question 128:

    Daffod is an American cloud service provider that provides cloud-based services to customers worldwide. Several customers are adopting the cloud services provided by Daffod because they are secure and cost- effective. Daffod is compliant with the cloud computing law that protects the student information collected by educational institutions and their associated vendors. Based on the information given, which law does Daffod adhere to?

    A. ECPA
    B. FERPA
    C. CLOUD
    D. FISMA

  • Question 129:

    Global CloudEnv is a cloud service provider that provides various cloud-based services to cloud consumers. The cloud service provider adheres to the framework that can be used as a tool to systematically assess cloud implementation by providing guidance on the security controls that should be implemented by specific actors within the cloud supply chain. It is used as the standard to assess the security posture of organizations on the Security, Trust, Assurance, and Risk (STAR) registry. Based on the given information, which of the following cybersecurity control frameworks does Global CloudEnv adhere to?

    A. CDMI
    B. CSA CCM
    C. CSA CAIQ
    D. ITU-T X.1601

  • Question 130:

    Rachel McAdams works as a senior cloud security engineer in a cloud service provider company. Owing to the robust services and security features provided by her organization, the number of cloud consumers continues to increase. To mee the increasing cloud consumer requirements, her organization decided to build more data centers. Therefore, Rachel's organization formed a new team to design and construct data centers. Rachel is also part of the team and was given the responsibility of designing the data center. How can Racheal maintain a stable temperature in the HVAC unit?

    A. Rachel can design HVAC such that the heat generated by the data center equipment is taken outside and cool air to supply the equipment is taken inside
    B. Rachel can design HVAC such that the cool air and heat generated by data center equipment should remain outside to stabilize the temperature
    C. Rachel can design HVAC such that the cool air and heat generated by data center equipment should remain inside to stabilize the temperature
    D. Rachel can design HVAC such that the heat generated by the data center equipment is taken inside and cool air to supply the equipment is taken outside

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-40 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.