Which of the following service offerings in a typical Infrastructure as a Service (IaaS) model will BEST enable a cloud service provider to assist customers when recovering from a security incident?
A.
Capability to take a snapshot of virtual machines
B.
Capability of online virtual machine analysis
C.
Availability of web application firewall logs
D.
Availability of current infrastructure documentation
It is A. They are trying to recover, therefore require a backup from a snapshot. Option B would be good for in-the-moment analysis and detection. Option A is for recovery to start from a known good state.
For me it's B.
In my opinion if you are not able to analyze the machine, then the snapshots will be useless because you can't identify the root cause of the incident, therefore even you have snapshots you will not able to decide which restoration point is clean in order to restore your system from.
"assist customers when recovering from a security incident? " - Can not recover from if you don't have Snapshots - Snapshots can recover fully. Being able to analyze is good but doesn't assist in recovery.
In a typical Infrastructure as a Service (IaaS) model, the service offering that will BEST enable a cloud service provider to assist customers when recovering from a security incident is A. Capability to take a snapshot of virtual machines.
Taking a snapshot of virtual machines is a valuable feature in an IaaS model that allows for the creation of a point-in-time copy of a virtual machine's disk, memory, and configuration. This snapshot serves as a backup or recovery point that can be used to restore the virtual machine to a previous known good state. In the event of a security incident, having the capability to take snapshots enables customers to roll back to a secure state before the incident occurred.
B. Capability of online virtual machine analysis.
The capability of online virtual machine analysis allows the cloud service provider to analyze the virtual machines in real-time, providing valuable insights into the security incident and assisting in the recovery process. By having the ability to analyze the virtual machines, the cloud service provider can identify any malicious activities, assess the impact of the incident, and provide guidance on the necessary actions to mitigate the security breach and restore normal operations.
However, it does not provide the same level of protection as snapshots, which can restore the entire virtual machine to a pre-incident state.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
blehbleh
1 year agoUncle_Lucifer
1 year, 1 month agoCyberbug2021
1 year, 1 month agoMarcovic00
1 year, 1 month agooluchecpoint
1 year, 4 months agoAkam
1 year, 4 months agoCyberbug2021
1 year, 1 month agosundersam23
1 year, 6 months agorichck102
1 year, 6 months agomad68
1 year, 8 months agoCyberbug2021
1 year, 1 month ago