Profile Settings

CyberSecurity

If there is one thing we all need to be more concern about regarding applications running in the Cloud, it should be Security

1: Security+ Q&A

Question: 1
During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?

Comment Loading

Question : 2
A security analyst is reviewing alerts in the SIEM(Security information and event management) related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?

Ans: Endpoint
Explanation:
Endpoint logs: Endpoint logs, also known as host logs, record events and activities that occur on individual endpoints (such as laptops, desktops, or servers). These logs can include information about processes, applications, system events, user logins, file accesses, and more. Endpoint logs are a valuable source of data for investigating security incidents on specific devices, including information about the executables running on the machine. For the investigation described in the scenario, the most appropriate data source for obtaining additional information about the executable running on the employee's corporate laptop is Endpoint logs. Endpoint logs can provide detailed insights into the processes and executables running on the machine, helping the security analyst to further analyze and respond to the potential security threat. Note; Endpoint logs are stored on the actual device so the data they are looking for should be in the endpoint logs.

Question: 3
A systems administrator receives the following alert from a file integrity monitoring tool: The hash of the cmd.exe file has changed. The systems administrator checks the OS logs and notices that no patches were applied in the last two months. Which of the following most likely occurred?

Comment Loading

Question : 4
A Security Administrator is tasked to set up an automated system to manage the access keys in the company’s AWS account. A solution must be implemented to automatically disable all IAM user access keys that are more than 90 days old.

How do you implement this

Comment Loading

Question: 5
A Security Engineer refactored an application to remove the hardcoded Amazon RDS database credential from the application and store it to AWS Secrets Manager instead. The application works fine after the code change. For improved data security, the Engineer enabled rotation of the credential in Secrets Manager and then set the rotation to change every 30 days. The change was done successfully without any issues but after a short while, the application is getting an authentication error whenever it connects to the database. What is the MOST likely cause of this issue?

Comment Loading

Scenario: 1
A website is hosted in an Auto Scaling group of EC2 instances behind an Application Load Balancer in US West (N. California) region. There is a new requirement to place a CloudFront distribution in front of the load balancer to improve the site's latency and lower the load on the origin servers. The Security Engineer must implement HTTPS communication from the client to CloudFront and then from CloudFront to the load balancer. A custom domain name must be used for your distribution and the SSL/TLS certificate should be generated from AWS Certificate Manager (ACM).
How many certificates should be generated by the Engineer in this scenario?

Some placeholder content for the collapse component. This panel is hidden by default but revealed when the user activates the relevant trigger.

Scenario: 2
Welcome to Home Depot!. You have just joined the team and your first task is to enhance security for the company website. The site runs on Linux, PHP and Apache and uses an EC2 an autoscaling group behind an Application Load Balancer (ALB). After an initial architecture assessment you have found multiple vulnerabilities and configuration issues. The dev team is swamped and will not be able to remediate code level issues for several weeks. Your mission in this workshop round is to build an effective set of controls that mitigate common attack vectors against web applications, and provide you with the monitoring capabilities needed to react to emerging threats when they occur.

Some placeholder content for the collapse component. This panel is hidden by default but revealed when the user activates the relevant trigger.

Cloud Security

If there is one thing we all need to be more concern about regarding applications running in the Cloud, it should be Security

2: Security Logging and Monitoring

An organization is implementing a security policy in which their cloud-based users must be contained in a separate authentication domain and prevented from accessing on-premises systems. Their IT Operations team is launching and maintaining a number of Amazon RDS for SQL Server databases and EC2 instances. The organization also has an on-premises Active Directory service that contains the administrator accounts that must have access to the databases and EC2 instances.
How would the Security Engineer manage the AWS resources of the organization in the MOST secure manner?

Comment Loading

Scenario: 2
We found out that anyone from the Internet can bypass CloudFront that we have configured for security and open the app skipping protection we have from the components at the Edge. Meaning: the Application Load Balancer can be an easier target for an attack and a weak spot. Help us to fix that!

Some placeholder content for the collapse component. This panel is hidden by default but revealed when the user activates the relevant trigger.

GOD LOVE YOU

If there is one thing we beliers need to get a revelation of, it should be the Love of God

Everlasting Love of God

The LORD appeared to us in the past, saying: “I have loved you with an everlasting love; I have drawn you with unfailing kindness.(Jeremiah 31:3, NIV)

Notes and Scripture Reference

If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world

The Grace Of God

Understanding what the the grace of God is all about

Grace: The power of the gospel week 1

The LORD appeared to us in the past, saying: “I have loved you with an everlasting love; I have drawn you with unfailing kindness.(Jeremiah 31:3, NIV)

Notes and Questions

If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world

The Grace Of God

Understanding what the the grace of God is all about

Grace: The power of the gospel week 2

And so we know and rely on the love God has for us. God is love. Whoever lives in love lives in God, and God in them. ( 1John 4:16 NIV)

Grace: The power of the gospel week 2: Lesson 1

28min 30second

Grace: The power of the gospel week 2: Lesson 2

28min 30second

Grace: The power of the gospel week 2: Lesson 3

28min 30second

Grace: The power of the gospel week 2: Lesson 4

28min 30second

Grace: The power of the gospel week 2: Lesson 5

28min 30second

Scripture Reference and side note

If you want to stay at the top of your career, you have to keep on learning. No one was created to depend on the other, no one was created to be a bagger, We were all created in the image of God and empowered by God to do greater things, We are all equip and bless with potentials, talent and gifts. Join us to make a different in our world