Question 101
Which encryption algorithm is used with Default Encryption in Cloud Storage?
Question 102
A security team at an e-commerce company wants to define an automatic incident response process for fraudulent credit card usage attempts. The team targets a 10-minute or faster response time for such incidents. The fraudulent card list is updated every 60 seconds. The e- commerce servers log the transaction details in near-real time. Which option should you recommend to the security team?
Question 103
What are the steps to encrypt data using envelope encryption?
A.Generate a data encryption key (DEK) locally.
* Use a key encryption key (KEK) to wrap the DEK.
* Encrypt data with the KEK.
* Store the encrypted data and the wrapped KEK.
B.Generate a key encryption key (KEK) locally.
* Use the KEK to generate a data encryption key (DEK).
* Encrypt data with the DEK.
* Store the encrypted data and the wrapped DEK.
C.Generate a data encryption key (DEK) locally.
* Encrypt data with the DEK.
* Use a key encryption key (KEK) to wrap the DEK.
* Store the encrypted data and the wrapped DEK.
D.Generate a key encryption key (KEK) locally.
* Generate a data encryption key (DEK) locally.
* Encrypt data with the KEK.
* Store the encrypted data and the wrapped DEK.
Question 104
Which two security characteristics are related to the use of VPC peering to connect two VPC networks? (Choose two.)
Question 105
In a shared security responsibility model for IaaS, which two layers of the stack does the customer share responsibility for? (Choose two.)