312-40 Exam Details

  • Exam Code
    :312-40
  • Exam Name
    :EC-Council Certified Cloud Security Engineer (CCSE)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :147 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 312-40 Online Questions & Answers

  • Question 51:

    Cindy Williams works as a cloud security engineer in an IT company located in Seattle, Washington. Owing to the cost-effective security, governance, and storage features provided by AWS, her organization adopted AWS cloud-based services. Cindy would like to detect any unusual activity in her organization's AWS account. She would like to obtain the event history of her organization's AWS account activity for security analysis and resource change tracking. Which of the following AWS service enables operational auditing, compliance, governance, and risk auditing for her organization's AWS account?

    A. AWS CloudFormation
    B. AWS Security Hub
    C. AWS Config
    D. AWS CloudTrail

  • Question 52:

    An organization with resources on Google Cloud regularly backs up its service capabilities to ensure high availability and reduce the downtime when a zone or instance becomes unavailable owing to zonal outage or memory shortage in an instance. However, as protocol, the organization must frequently test whether these regular backups are configured. Which tool's high availability settings must be checked for this?

    A. MySQL Database
    B. Always on Availability Groups (AGs)
    C. SQL Server Database Mirroring (DBM)
    D. Google Cloud SQL

  • Question 53:

    An Azure organization wants to enforce its on-premises AD security and password policies to filter brute- force attacks. Instead of using legacy authentication, the users should sign in to on-premises and cloud-based applications using the same passwords in Azure AD. Which Azure AD feature can enable users to access Azure resources?

    A. Azure Automation
    B. Azure AD Connect
    C. Azure AD Pass Through Authentication
    D. Azure Policy

  • Question 54:

    William O'Neil works as a cloud security engineer in an IT company located in Tampa, Florida. To create an access key with normal user accounts, he would like to test whether it is possible to escalate privileges to obtain AWS administrator account access. Which of the following commands should William try to create a new user access key ID and secret key for a user?

    A. aws iam target_user -user-name create-access-key
    B. aws iam create-access-key -user-name target_user
    C. aws iam create-access-key target_user -user-name
    D. aws iam -user-name target_user create-access-key

  • Question 55:

    A cloud organization, AZS, wants to maintain homogeneity in its cloud operations because the CPU speed measured by AZS varies and the measurement units lack consistency in the standards. For example, AWS defines the CPU speed with Elastic Compute Unit, Google with Google Compute Engine Unit, and Microsoft with clock speed. Here, which cloud computing standard can leverage frameworks and architectures specific to the cloud for maintaining homogeneity in operations?

    A. occ
    B. DMTF
    C. NIST
    D. CSA

  • Question 56:

    TechnoSoft Pvt. Ltd. is a BPO company that provides 24 * 7 customer service. To secure the organizational data and applications from adversaries, the organization adopted cloud computing. The security team observed that the employees are browsing restricted and inappropriate web pages. Which of the following techniques will help the security team of TechnoSoft Pvt. Ltd. in preventing the employees from accessing restricted or inappropriate web pages?

    A. Data Loss Prevention (DLP)
    B. Cloud access security broker (CASB)
    C. Geo-Filtering
    D. URL filtering

  • Question 57:

    Sandra Oliver has been working as a cloud security engineer in an MNC. Her organization adopted the Microsoft Azure cloud environment owing to its on-demand scalability, robust security, and high availability features. Sandra's team leader assigned her the task to increase the availability of organizational applications; therefore, Sandra is looking for a solution that can be utilized for distributing the traffic to backend Azure virtual machines based on the attributes of the HTTP request received from clients. Which of the following Azure services fulfills Sarah's requirements?

    A. Azure Application Gateway
    B. Azure Sentinel
    C. Azure ExpressRoute
    D. Azure Front Door

  • Question 58:

    Global CyberSec Pvt. Ltd. is an IT company that provides software and application services related to cybersecurity. Owing to the robust security features offered by Microsoft Azure, the organization adopted the Azure cloud environment. A security incident was detected on the Azure cloud platform. Global CyberSec Pvt. Ltd.'s security team examined the log data collected from various sources. They found that the VM was affected. In this scenario, when should the backup copy of the snapshot be taken in a blob container as a page blob during the forensic acquisition of the compromised Azure VM?

    A. After deleting the snapshot from the source resource group
    B. Before mounting the snapshot onto the forensic workstation
    C. After mounting the snapshot onto the forensic workstation
    D. Before deleting the snapshot from the source resource group

  • Question 59:

    VenturiaCloud is a cloud service provider that offers robust and cost-effective cloud-based services to cloud consumers. The organization became a victim of a cybersecurity attack. An attacker performed a DDoS attack over the cloud that caused failure in the entire cloud environment. VenturiaCloud conducted a forensics investigation. Who among the following are the first line of defense against cloud security attacks with their primary role being responding against any type of security incident immediately?

    A. Law Advisors
    B. Incident Handlers
    C. Investigators
    D. IT Professionals

  • Question 60:

    Rufus Sewell, a cloud security engineer with 5 years of experience, recently joined an MNC as a senior cloud security engineer. Owing to the cost-effective security features and storage services provided by AWS, his organization has been using AWS cloud-based services since 2014. To create a RAID, Rufus created an Amazon EBS volume for the array and attached the EBS volume to the instance where he wants to host the array. Using the command line, Rufus successfully created a RAID. The array exhibits noteworthy performance both in read and write operations with no overhead by parity control and the entire storage capacity of the array is used.

    The storage capacity of the RAID created by Rufus is equal to the sum of disk capacity in the set, but the array is not fault tolerant. It is ideal for non-critical cloud data storage that must be read/written at a high speed.

    Based on the given information, which of the following RAID is created by Rufus?

    A. RAID 0
    B. RAID 5
    C. RAID 1
    D. RAID 6

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-40 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.