312-40 Exam Details

  • Exam Code
    :312-40
  • Exam Name
    :EC-Council Certified Cloud Security Engineer (CCSE)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :147 Q&As
  • Last Updated
    :Jul 14, 2026

EC-COUNCIL 312-40 Online Questions & Answers

  • Question 71:

    Karen Gillan has recently joined an IT company as a cloud security engineer. Her organization would like to adopt cloud-based services to provide 24 x 7 customer support to its clients. It wants to transfer its customer database and transaction details along with the applications used for managing and supporting its customers.

    Before migrating to cloud, which of the following analyses should be performed by Karen on the security capabilities and services provided by cloud service providers to understand the security requirements of the organization and those provided by the cloud service provider?

    A. Gap Analysis
    B. Domain Analysis
    C. Business Impact Analysis
    D. Artificial Intelligence Analysis

  • Question 72:

    Rebecca Gibel has been working as a cloud security engineer in an IT company for the past 5 years. Her organization uses cloud-based services. Rebecca's organization contains personal information about its clients, which is encrypted and stored in the cloud environment. The CEO of her organization has asked Rebecca to delete the personal information of all clients who utilized their services between 2011 and 2015. Rebecca deleted the encryption keys that are used to encrypt the original data; this made the data unreadable and unrecoverable. Based on the given information, which deletion method was implemented by Rebecca?

    A. Data Scrubbing
    B. Nulling Out
    C. Data Erasure
    D. Crypto-Shredding

  • Question 73:

    Thomas Gibson is a cloud security engineer working in a multinational company. Thomas has created a Route 53 record set from his domain to a system in Florida, and a similar record to machines in Paris and Singapore.

    Assume that network conditions remain unchanged and Thomas has hosted the application on Amazon EC2 instance; moreover, multiple instances of the application are deployed on different EC2 regions. When a user located in London visits Thomas's domain, to which location does Amazon Route 53 route the user request?

    A. Singapore
    B. London
    C. Florida
    D. Paris

  • Question 74:

    A document has an organization's classified information. The organization's Azure cloud administrator has to send it to different recipients. If the email is not protected, this can be opened and read by any user. So the document should be protected and it will only be opened by authorized users. In this scenario, which Azure service can enable the admin to share documents securely?

    A. Azure Information Protection
    B. Azure Key Vault
    C. Azure Resource Manager
    D. Azure Content Delivery Network

  • Question 75:

    Simon recently joined a multinational company as a cloud security engineer. Due to robust security services and products provided by AWS, his organization has been using AWS cloud-based services. Simon has launched an Amazon EC2 Linux instance to deploy an application. He would like to secure Linux AMI. Which of the following command should Simon run in the EC2 instance to disable user account passwords?

    A. passwd -D < USERNAME >
    B. passwd -I < USERNAME >
    C. passwd -d < USERNAME >
    D. passwd -L < USERNAME >

  • Question 76:

    SecAppSol Pvt. Ltd. is a cloud software and application development company located in Louisville, Kentucky. The security features provided by its previous cloud service provider was not satisfactory, and in 2012, the organization became a victim of eavesdropping. Therefore, SecAppSol Pvt. Ltd. changed its cloud service provider and adopted AWS cloud-based services owing to its robust and cost-effective security features. How does SecAppSol Pvt. Ltd.'s security team encrypt the traffic between the load balancer and client that initiate SSL or TLS sessions?

    A. By enabling Amazon GuardDuty
    B. By enabling HTTPS listener
    C. By enabling Cloud Identity Aware Proxy
    D. By enabling RADIUS Authentication

  • Question 77:

    Katie Holmes has been working as a cloud security engineer over the past 7 years in an MNC. Since the outbreak of the COVID-19 pandemic, the cloud service provider could not provide cloud services efficiently to her organization. Therefore, Katie suggested to the management that they should design and build their own data center. Katie's requisition was approved, and after 8 months, Katie's team successfully designed and built an on-premises data center. The data center meets all organizational requirements; however, the capacity components are not redundant. If a component is removed, the data center comes to a halt. Which tier data center was designed and constructed by Katie's team?

    A. Tier III
    B. Tier I
    C. Tier IV
    D. Tier II

  • Question 78:

    TechGloWorld is an IT company that develops cybersecurity software and applications for various customers across the globe. Owing to the cost-effective security and storage services provided by AWS. TechGloWorld has adopted AWS cloud-based services. A new employee, named Tom Harrison, has joined TechGloWorld as a cloud security engineer. The team leader of cloud security engineers would like to add an 1AM user named Tom to the 1AM group named Admins. Which of the following commands should be used by the TechGloWorld security team leader?

    A. aws iam --group-name Admins -user-name Tom add-user-to-group
    B. aws iam --group-name Admins --user-name Tarn-add-user-to-group
    C. aws iam add-user-to-group --user-name Tom --group-name Admins
    D. aws iam add-user-to-group --user-name Torn --group-name Admin

  • Question 79:

    Dustin Hoffman works as a cloud security engineer in a healthcare company. His organization uses AWS cloud- based services. Dustin would like to view the security alerts and security posture across his organization's AWS account. Which AWS service can provide aggregated, organized, and prioritized security alerts from AWS services such as GuardDuty, Inspector, Macie, IAM Analyzer, Systems Manager, Firewall Manager, and AWS Partner Network to Dustin?

    A. AWS Config
    B. AWS CloudTrail
    C. AWS Security Hub
    D. AWS CloudFormation

  • Question 80:

    Global InfoSec Solution Pvt. Ltd. is an IT company that develops mobile-based software and applications. For smooth, secure, and cost-effective facilitation of business, the organization uses public cloud services. Now, Global InfoSec Solution Pvt. Ltd. is encountering a vendor lock-in issue. What is vendor lock-in in cloud computing?

    A. It is a situation in which a cloud consumer cannot switch to another cloud service broker without substantial switching costs
    B. It is a situation in which a cloud consumer cannot switch to a cloud carrier without substantial switching costs
    C. It is a situation in which a cloud service provider cannot switch to another cloud service broker without substantial switching costs
    D. It is a situation in which a cloud consumer cannot switch to another cloud service provider without substantial switching costs

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-40 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.