Fortinet NSE 7 - OT Security 6.4
Exam series: NSE7_OTS-6.4
Number of questions: 35
Exam time: 60 minutes
Language: English
Product version: FortiOS 6.4
Status: Available
NSE 7 Network Security Architect—OT Security
NSE 7 Certification The Fortinet Network Security Architect designation identifies your advanced
skills in deploying, administering, and troubleshooting Fortinet security
solutions. We recommend this certification for network and security
professionals who are involved in the advanced administration and support of
security infrastructures using Fortinet solutions. Visit the Fortinet NSE
Certification Program page for information about certification requirements.
Fortinet NSE 7—OT Security 6.4 The Fortinet NSE 7—OT Security 6.4 exam is part of the NSE 7 Network
Security Architect program, and recognizes the successful candidate’s knowledge
of and expertise with the Fortinet products in an OT environment.
The exam tests applied knowledge of the design, implementation, operation, and
integration of an OT security
solution comprising FortiOS 6.4.3, FortiAnalyzer 6.4.3, FortiSIEM 5.3.1, and
FortiNAC 8.5.
Audience The Fortinet NSE 7—OT Security 6.4 exam is intended for network and security
professionals responsible for designing and implementing infrastructure
containing many Fortinet devices.
Exam Details Exam name Fortinet NSE 7—OT Security 6.4
Exam series NSE7_OTS-6.4
Time allowed 60 minutes
Exam Description
Exam questions 35 multiple-choice questions
Scoring Pass or fail, a score report is available from your Pearson VUE account
Language English
Product version FortiOS 6.4.3, FortiAnalyzer 6.4.3, FortiSIEM 5.3.1, FortiNAC
8.5
Exam Topics
Successful candidates have applied knowledge and skills in the following areas
and tasks:
* Asset Management
* Explain the OT architecture with Fortinet products
* Configure the security fabric for OT network
* Implement device detection with FortiGate
* Explain network visibility with FortiNAC
* Network access control
* Explain role-based authentication
* Apply authentication to control access to devices
* Explain industrial Ethernet protocols
* Explain internal segmentation implementation for OT networks
* Protecting OT network
* Identify industrial protocols and signatures
* Implement IPS to secure OT networks
* Implement application control for industrial applications
* Monitoring and risk assessment
* Implement logging and monitoring with FortiAnalyzer and FortiSIEM
* Explain FortiSIEM rules and incidents
* Customize and generate reports with FortiAnalyzer and FortiSIEM
* Build OT security dashboard with FortiSIEM
Training Resources
The following resources are recommended for attaining the knowledge and skills
that are covered on the exam. The recommended training is available as a
foundation for exam preparation. In addition to training, candidates are
strongly encouraged to have hands-on experience with the exam topics and
objectives.
Other Resources
* FortiOS Administration Guide 6.4.3
* FortiOS CLI Reference 6.4.3
* FortiAnalyzer Administration Guide 6.4.3
* FortiSIEM User Guide 5.3.1
* FortiNAC Administration and Operation Guide 8.5
Experience l Familiarity with design, implementation, and integration of the Fortinet
solution in an OT infrastructure
Exam Sample Questions A set of sample questions is available from the NSE Training Institute.
These questions sample the exam content in question type and content scope.
However, the questions do not necessarily represent all the exam content, nor
are they intended to assess an individual’s readiness to take the certification
exam.
See the NSE Training Institute for the course that includes the sample
questions.
Examination Policies and Procedures The NSE Training Institute recommends that candidates review exam policies
and procedures before registering for the exam. Access important information on
the Program Policies page, and find answers to common questions on the
FAQ page.
QUESTION 1
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
A. Enhanced point of connection details
B. Direct VLAN assignment
C. Adapter consolidation for multi-adapter hosts
D. Importation and classification of hosts
QUESTION 2
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic?
(Choose three.)
A. Services defined in the firewall policy.
B. Source defined as internet services in the firewall policy
C. Lowest to highest policy ID number
D. Destination defined as internet services in the firewall policy
E. Highest to lowest priority defined in the firewall policy
EXAM NUMBER : 2V0-81.20
PRODUCT : NSX-T Data Center 3.0, Workspace ONE 20.X, VMware Carbon Black Cloud
EXAM LANGUAGE : English
Associate Certifications : VCP-SEC 2021
EXAM OVERVIEW : This exam tests a candidate's knowledge of VMware's security solutions and
the candidate's ability to administer the security features and functions of NSX-T
Data Center, Workspace ONE, and VMware Carbon Black Cloud.
Exam Info Duration : 130 minutes
Number of Questions : 70
Passing Score : 300 Learn more
Format : Multiple Choice, Multiple Choice Multiple Selection, Drag and Drop,
Matching
Exam Details: (Last Updated: 10/7/2020) The Professional VMware Security exam (2V0-81.20)
which leads to VMware Certified Professional – Security 2021 certification is a
70-itemexam, with a passing score of 300 using a scaled scoring method.
Candidates are given 130 minutes to complete the exam, which includes adequate
time to complete the exam for non-native English speakers.
Exam Delivery : This is a proctored exam delivered through Pearson VUE. For more
information, visit the Pearson VUE website.
Certification Information : For details and a complete list of requirements and recommendations for
attainment, please reference the VMware Education Services –Certification
website.
Minimally Qualified : Candidate The minimally qualified candidate (MQC) possesses knowledge of
vSphere, networking, and endpoint security. The MQC can explain VMware Security
key features and functionality. The MQC can describe VMware's Security
architecture concepts. The MQC can explain the primary security features of
VMware Carbon Black Cloud, NSX-T Data Center, and Workspace ONE, and how these
VMware products interoperate with each other to deliver an intrinsic security
solution. The MQC can describe use cases for VMware Security to others. The MQC
has a minimum of 6 months hands-on experience configuring and managing VMware
Security solutions and 1 year of experience working directly with VMware Carbon
Black Cloud, NSX-T Data Center, and Workspace ONE. The MQC must possess all the
knowledge contained in the sections included in this exam.
Exam Sections: VMware exam blueprint sections are now standardized to the seven sections
below, some of which may NOT be included in the final exam blueprint depending
on the exam objectives.
Section 1 – Architecture and Technologies
Section 2 – Products and Solutions
Section 3 – Planning and Designing
Section 4 – Installing, Configuring, and Setup
Section 5 – Performance-tuning, Optimization, and Upgrades
Section 6 – Troubleshooting and Repairing
Section 7 – Administrative and Operational Tasks
If a section does not have testable objectives in this version of
the exam, it will be noted below, accordingly. The objective numbering may be
referenced in your score report at the end of your testing event for further
preparation should a retake of the exam be necessary.
Sections Included in this Exam
Section 1 – There are no testable objectives for this section.
Section 2 – There are no testable objectives for this section.
Section 3 – There are no testable objectives for this section.
Section 4 – Installing, Configuring, and Setting
Objective 4.1 – Configure firewall rules to enable and secure
Workspace ONE Components
Objective 4.2 –Configure and manage security groups and security policies in
Carbon Black
Objective 4.3 –Configure compliance policies and profiles in Workspace ONE UEM
Objective 4.4 –Configure access policies in Workspace ONE Access
Objective 4.5 –Configure and administer endpoint management
Objective 4.6 –Deploy CB Defense sensors to endpoints
Objective 4.7 –Configure and administer identity providers in Workspace ONE
Access
Objective 4.8 –Configure and administer authentication methods in Workspace
ONE Access
Objective 4.9 –Deploy and configure NSX-T
Objective 4.10 –Outline the installation and preparation workflow of NSX-T
data center
Objective 4.11 –Configure and manage firewalls rules for NSX-T
Objective 4.12 –Connect NSX-T Manager to User Directory for user based
firewall rules
Objective 4.13 –Configure and manage security groups and security policies in
NSX-T
Objective 4.14 –Install and configure Guest Introspection agent components in
VMTools
Section 5 –
Section 6 – Troubleshooting and Repairing
Objective 6.1 –Compare and contrast tools available for
troubleshooting (vRNI vs NSX Intelligence)
Objective 6.2 –Troubleshoot common NSX component issues
Objective 6.2.1 –Troubleshoot common NSX installation and
configuration issues
Objective 6.2.2 –Troubleshoot common NSX firewall policy issues
Objective 6.3 –Troubleshoot common Carbon Black issues
Objective 6.4 –Troubleshoot Workspace ONE issues around endpoint security
Objective 6.5 –Troubleshoot connectivity issues
Objective 6.6 –Troubleshoot multi-cloud security issues
Objective 6.7 –Troubleshoot common physical infrastructure issues
Section 7 – Administrative and Operational Tasks
Objective 7.1 – Identify data center traffic flows
Objective 7.2 – Identify automation mechanisms for security policy
configuration
Objective 7.3 – Manage firewall policies
Objective 7.4 – Monitor security for compliance and regulation assurance
Objective 7.5 – Manage security policies for business continuity and disaster
recovery
Objective 7.6 – Perform patch management in Workspace ONE
Objective 7.7 – Manage access policies for Single Sign-On and third party
Identity Provider federation
Recommended Courses NSX-T Data Center Install, Config, Manage [3.X]
Workspace ONE Deploy and Manage [20.X]]
VMware Carbon Black Cloud Audit and Remediation
VMware Carbon Black Cloud Endpoint Standard
VMware Carbon Black Cloud Enterprise EDR
References*
In addition to the recommended courses, item writers used the following
references for information when writing exam questions. It is recommended that
you study the reference content as you prepare to take the exam, in addition to
any recommended training.
QUESTION 1
Which file can be used to validate repcli authentication was enabled for Carbon Black Cloud?
A. C:\Program Files\Confer\repcii.ini
B. C:\Program Files\Confer\config.ini
C. C:\Program Files\Confer\cfg.ini
D. C:\Program Files\Confer\cli.ini
Answer: A
QUESTION 2
Which is the correct Distinguished Name for connecting NSX-T Data Center to Active Directory,
if your
directory name is corp. local?
A. corp. local
B. DC=corp. local
C. DC=corp, DC=local
D. DC=local, DC=corp
Answer: C
QUESTION 3
What are two valid time limit selections when creating a Last Seen compliance policy in Workspace ONE
UEM? (Choose two.)
A. Hours
B. Minutes
C. Days
D. Weeks
E. Months
Answer: B,C
QUESTION 4
Which is true about Time-Based Firewall Policy rules?
A. Time-Based policy rules apply only to the NSX Distributed Firewall.
B. Time-Based policy rules apply to the NSX Gateway and Distributed Firewall.
C. Time-Based policy rules can only be used one time for NSX Gateway Firewall.
D. Time-Based policy rules apply only to the NSX Gateway Firewall.
Candidates for this exam should have subject matter expertise in planning,
implementing, and maintaining Azure networking solutions, including hybrid
networking, connectivity, routing, security, and private access to Azure
services.
Candidates for this exam should also have expert Azure administration skills, in
addition to extensive experience and knowledge of networking, hybrid
connections, and network security.
Part of the requirements for: Microsoft Certified: Azure Network Engineer
Associate
Related exams: none
Important: See details
Go to Certification Dashboard
Exam AZ-700: Designing and Implementing Microsoft Azure Networking Solutions
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
design, implement, and manage hybrid networking; design and implement core
networking infrastructure; design and implement routing; secure and monitor
networks; and design and implement private access to Azure Services.
Skills measured
Design, implement, and manage hybrid networking (10-15%)
Design and implement core networking infrastructure (20-25%)
Design and implement routing (25-30%)
Secure and monitor networks (15-20%)
Design and implement Private access to Azure Services (10-15%)
Related certifications
There may be certifications and prerequisites related to "Exam AZ-700: Designing
and Implementing Microsoft Azure Networking Solutions"
Microsoft Certified: Azure Network Engineer Associate
Related certification Candidates for the Azure Network Engineer Associate certification should
have subject matter expertise in planning, implementing, and maintaining Azure
networking solutions, including hybrid networking, connectivity, routing,
security, and private access to Azure services.
Exam resources : Training and certification guide
Explore all certifications in a concise training and certifications guide.
Certification poster
Check out an overview of fundamentals, role-based and specialty certifications.
Exam Replay
See two great offers to help boost your odds of success. Support for
certification exams
Get help through Microsoft Certification support forums. A forum moderator will
respond in one business day, Monday-Friday. Certification dashboard
Review and manage your scheduled appointments, certificates, and transcripts.
Request accommodations
Learn more about requesting an accommodation for your exam.
Audience Profile
Candidates for this exam should have subject matter expertise in planning,
implementing, and maintaining Azure networking solutions, including hybrid
networking, connectivity, routing, security, and private access to Azure
services.
Responsibilities for the Azure Network Engineer include recommending, planning,
and implementing Azure networking solutions. Professionals in this role manage
the solution for performance, resiliency, scale, and security. They deploy
networking solutions by using the Azure Portal and other methods, including
PowerShell, Azure Command-Line Interface (CLI), and Azure Resource Manager
templates (ARM templates). The Azure Network Engineer works with solution
architects, cloud administrators, security engineers, application developers,
and DevOps engineers to deliver Azure solutions.
Candidates for this exam should have expert Azure administration skills, in
addition to extensive experience and knowledge of networking, hybrid
connections, and network security.
Skills Measured NOTE: The bullets that follow each of the skills measured are intended to
illustrate how we’re assessing that skill. This list is not definitive or
exhaustive.
NOTE: Most questions cover features that are General Availability (GA). The exam
may contain questions on Preview features, if those features are commonly used.
Design, Implement, and Manage Hybrid Networking (10–15%)
Design, implement, and manage a site-to-site VPN connection design a site-to-site VPN connection for high availability
select an appropriate virtual network (VNet) gateway SKU
identify when to use policy-based VPN versus route-based VPN
create and configure a local network gateway
create and configure an IPsec/IKE policy
create and configure a virtual network gateway
diagnose and resolve VPN gateway connectivity issues
Design, implement, and manage a point-to-site VPN connection
select an appropriate virtual network gateway SKU
plan and configure RADIUS authentication
plan and configure certificate-based authentication
plan and configure OpenVPN authentication
plan and configure Azure Active Directory (Azure AD) authentication
implement a VPN client configuration file
diagnose and resolve client-side and authentication issues
Design, implement, and manage Azure ExpressRoute
choose between provider and direct model (ExpressRoute Direct)
design and implement Azure cross-region connectivity between multiple
ExpressRoute locations
select an appropriate ExpressRoute SKU and tier
design and implement ExpressRoute Global Reach
design and implement ExpressRoute FastPath
choose between private peering only, Microsoft peering only, or both
configure private peering
configure Microsoft peering
create and configure an ExpressRoute gateway
connect a virtual network to an ExpressRoute circuit
recommend a route advertisement configuration
configure encryption over ExpressRoute
implement Bidirectional Forwarding Detection
diagnose and resolve ExpressRoute connection issues
Design and Implement Core Networking Infrastructure (20–25%)
Design and implement private IP addressing for VNets create a VNet
plan and configure subnetting for services, including VNet gateways, private
endpoints, firewalls, application gateways, and VNet-integrated platform
services
plan and configure subnet delegation
Design and implement name resolution design public DNS zones
design private DNS zones
design name resolution inside a VNet
configure a public or private DNS zone
link a private DNS zone to a VNet
Design and implement cross-VNet connectivity design service chaining, including gateway transit
design VPN connectivity between VNets
implement VNet peering
Design and implement an Azure Virtual WAN architecture
design an Azure Virtual WAN architecture, including selecting SKUs and
services
connect a VNet gateway to Azure Virtual WAN
create a hub in Virtual WAN
create a network virtual appliance (NVA) in a virtual hub
configure virtual hub routing
create a connection unit Design and Implement Routing (25–30%) Design, implement, and manage VNet routing design and implement user-defined routes (UDRs)
associate a route table with a subnet
configure forced tunneling
diagnose and resolve routing issues
Design and implement an Azure Load Balancer
choose an Azure Load Balancer SKU (Basic versus Standard)
choose between public and internal
create and configure an Azure Load Balancer (including cross-region)
implement a load balancing rule
create and configure inbound NAT rules
create explicit outbound rules for a load balancer
Design and implement Azure Application Gateway
recommend Azure Application Gateway deployment options
choose between manual and autoscale
create a back-end pool
configure health probes
configure listeners
configure routing rules
configure HTTP settings
configure Transport Layer Security (TLS)
configure rewrite policies
Implement Azure Front Door
choose an Azure Front Door SKU
configure health probes, including customization of HTTP response codes
configure SSL termination and end-to-end SSL encryption
configure multisite listeners
configure back-end targets
configure routing rules, including redirection rules
Implement an Azure Traffic Manager profile configure a routing method (mode)
configure endpoints
create HTTP settings
Design and implement an Azure Virtual Network NAT
choose when to use a Virtual Network NAT
allocate public IP or public IP prefixes for a NAT gateway
associate a Virtual Network NAT with a subnet
Secure and Monitor Networks (15–20%)
Design, implement, and manage an Azure Firewall deployment design an Azure Firewall deployment
create and implement an Azure Firewall deployment
configure Azure Firewall rules
create and implement Azure Firewall Manager policies
create a secure hub by deploying Azure Firewall inside an Azure Virtual WAN
hub
integrate an Azure Virtual WAN hub with a third-party NVA
Implement and manage network security groups (NSGs) create an NSG
associate an NSG to a resource
create an application security group (ASG)
associate an ASG to a NIC
create and configure NSG rules
interpret NSG flow logs
validate NSG flow rules
verify IP flow
Implement a Web Application Firewall (WAF) deployment
configure detection or prevention mode
configure rule sets for Azure Front Door, including Microsoft managed and user
defined
configure rule sets for Application Gateway, including Microsoft managed and
user defined
implement a WAF policy
associate a WAF policy
Monitor networks configure network health alerts and logging by using Azure Monitor
create and configure a Connection Monitor instance
configure and use Traffic Analytics
configure NSG flow logs
enable and configure diagnostic logging
configure Azure Network Watcher
Design and Implement Private Access to Azure Services (10–15%)
Design and implement Azure Private Link service and Azure Private Endpoint create a Private Link service
plan private endpoints
create private endpoints
configure access to private endpoints
integrate Private Link with DNS
integrate a Private Link service with on-premises clients
Design and implement service endpoints create service endpoints
configure service endpoint policies
configure service tags
configure access to service endpoints
Configure VNet integration for dedicated platform as a service (PaaS)
services configure App Service for regional VNet integration
configure Azure Kubernetes Service (AKS) for regional VNet integration
configure clients to access App Service Environment
QUESTION 1 You need to configure GW1 to meet the network security requirements for the
P2S VPN users.
Which Tunnel type should you select in the Point-to-site configuration settings
of GW1?
A. IKEv2 and OpenVPN (SSL)
B. IKEv2
C. IKEv2 and SSTP (SSL)
D. OpenVPN (SSL)
E. SSTP (SSL)
Correct Answer: D
QUESTION 2 Your company has a single on-premises datacenter in New York. The East US
Azure region has a peering
location in New York.
The company only has Azure resources in the East US region.
You need to implement ExpressRoute to support up to 1 Gbps. You must use only
ExpressRoute Unlimited
data plans. The solution must minimize costs.
Which type of ExpressRoute circuits should you create?
A. ExpressRoute Local
B. ExpressRoute Direct
C. ExpressRoute Premium
D. ExpressRoute Standard
Correct Answer: A
QUESTION 3 You are planning an Azure Point-to-Site (P2S) VPN that will use OpenVPN.
Users will authenticate by an on-premises Active Directory domain.
Which additional service should you deploy to support the VPN authentication?
A. an Azure key vault
B. a RADIUS server
C. a certification authority
D. Azure Active Directory (Azure AD) Application Proxy
Correct Answer: B
QUESTION 4 You plan to configure BGP for a Site-to-Site VPN connection between a
datacenter and Azure.
Which two Azure resources should you configure? Each correct answer presents a
part of the solution.
(Choose two.)
NOTE: Each correct selection is worth one point.
A. a virtual network gateway
B. Azure Application Gateway
C. Azure Firewall
D. a local network gateway
E. Azure Front Door
Authentic information about the syllabus and an effective study guide is
essential to go through the ServiceNow CIS-SAM exam in the first attempt. The
study guide of Study4Exam provides you with comprehensive information about the
syllabus of the ServiceNow CIS-SAM exam. You should get this information at the
start of your preparation because it helps you make an effective study plan. We
have designed this ServiceNow Software Asset Management certification exam
preparation guide to give the exam overview, practice questions, practice test,
prerequisites, and information about exam topics that help to go through the
ServiceNow ServiceNow Certified Implementation Specialist –Software Asset
Management Professional (2021) exam. We recommend you to the preparation
material mentioned in this study guide to cover the entire ServiceNow CIS-SAM
syllabus. Study4Exam offers 3 formats of ServiceNow CIS-SAM exam preparation
material. Each format provides new practice questions in PDF format, web-based
and desktop practice exams to get passing marks in the first attempt.
ServiceNow CIS-SAM Exam Overview : Exam Name ServiceNow Certified Implementation Specialist –Software Asset
Management Professional
Exam Code CIS-SAM
Official Information https://www.servicenow.com/content/dam/servicenow/other-documents/training/cis-sam-blueprint.pdf
See Expected Questions ServiceNow CIS-SAM Expected Questions in Actual Exam
Take Self-Assessment Use ServiceNow CIS-SAM Practice Test to Assess your
preparation - Save Time and Reduce Chances of Failure
ServiceNow CIS-SAM Exam Topics :
Section Weight Objectives
Software Asset Core Overview & Fundamentals 14% Software Asset Management Basics
Process Architecture
Application Introduction and Recommended Practices
Data Integrity – Attributes and Sources for the Data 28% Importing Data
Software Discovery and Normalization
Content Service
Practical Management of Software Compliance 30% Products and Models
License Metrics, Entitlements, and Allocations
Software Reconciliation
Operational Integration of Software Processes 13% Contract and Change Management
Service Catalog and Procurement
Software Remediation
Extending SAM 15%
Software Model Lifecycle and Retirement
Software Installation Optimization
Reporting, Implementation, and Maintenance
Updates in the ServiceNow CIS-SAM Exam Syllabus:
ServiceNow CIS-SAM exam questions and practice test are the best ways to get
fully prepared. Study4exam's trusted preparation material consists of both
practice questions and practice test. To pass the actual Software Asset
Management CIS-SAM exam on the first attempt, you need to put in hard work on
these ServiceNow CIS-SAM questions that provide updated information about the
entire exam syllabus. Besides studying actual questions, you should take the
ServiceNow CIS-SAM practice test for self-assessment and actual exam simulation.
Revise actual exam questions and remove your mistakes with the ServiceNow
Certified Implementation Specialist –Software Asset Management Professional
CIS-SAM exam practice test. Online and windows-based formats of the CIS-SAM exam
practice test are available for self-assessment.
CIS – Software Asset Management (SAM) Exam by ServiceNow defines the purpose,
audience, testing options, exam content coverage, test framework, and
prerequisites to become a ServiceNow SAM Implementation Specialist. CIS –
Software Asset Management Professional exam has now become the need to get a
good job in the corporate IT sector. Every organization now demands a certified
professional for managing their software and to increase their efficiency. The
importance of certifications has grown so much as the era of perfection and
professionalism has emerged.
What is CIS– Software Asset Management Professional Exam?
The ServiceNow CIS– Software Asset Management Professional exam certifies that a
successful candidate has the skills and essential knowledge to contribute to the
configuration, implementation, and maintenance of the ServiceNow SAM
Professional application. The exam is available to ServiceNow customers,
partners, sales engineers, employees, and others interested in becoming a
ServiceNow SAM Certified Implementation Specialist. The CIS– Software Asset
Management Professional exam will have the following major testing basis:
1. Software Asset Core Overview & Fundamentals – 14%
2. Data Integrity – Attributes and Sources for the Data – 28%
3. Practical Management of Software Compliance – 30%
4. Operational Integration of Software Processes – 13%
5. Extending SAM – 15%
Now, let us look into the exam overview as it is very important for you to have
all the details in place before the actual preparation.
Exam overview
You must know the total exam duration, total questions, types of questions asked
in the exam and other details. Because only then your preparation will be
complete.
Types of Questions The CIS Software Asset Management Exam Questions are in the following
formats:
Multiple Choice (single answer) – For each multiple-choice question on the exam,
there are at least four possible responses. The candidate taking the exam
reviews the response options and selects the one response that most accurately
answers the question.
Multiple Select (select all that apply)- For each multiple-select question on
the exam, there are at least four possible responses. The question will state
how many responses should be selected. The candidate taking the exam reviews the
response options and selects ALL responses that accurately answer the question.
Multiple-select questions have two or more correct responses.
You can register for the exam on Webassessor. And the results will be displayed
immediately after finishing the exam. You can retake the exam by paying $150
every time. Here is a table for your ease:
Name of the exam CIS– Software Asset Management Professional exam
No. of questions asked 60
Type of questions MCQ and Multiple select
Time allotted 90 minutes
Cost of taking the exam $300
Languages available English
Now, let us look at prerequisites for the exam which is the trainings that will
help in generating the voucher code.
Exam Prerequisites
ServiceNow requires the completion of the following prerequisite CIS Software
Asset Management Training courses in preparation for the exam. Information
provided in the following courses contain source material for the CIS- Software
Asset
Management exam.
Software Asset Management Professional Fundamentals – Upon completion, the
candidate will be issued a voucher code to register for the Certified
Implementation Specialist – Software Asset Management Professional exam. Software Asset Management (SAM) Getting Started
Entitlement Import Basics for Software Asset Management (SAM)
Discovery Basics for Software Asset Management (SAM)
Software Asset Management (SAM) Reconciliation Troubleshooting
SAM: Integration with SCCM for Reclamation and Distribution
Recommended Knowledge and Education
ServiceNow recommends completing the following training courses and
certifications in preparation for the CIS- Software Asset Management exam:
Firstly, ServiceNow Fundamentals
Secondly, ServiceNow Implementation Methodology (SIM) Fundamentals (On-demand)
Subsequently, ServiceNow Platform Implementation
Furthermore, ServiceNow Platform Subscription Model (On-demand)
In addition, Scripting in ServiceNow Fundamentals
Also, System Administration Advanced (Recommended)
Subsequently, Discovery Fundamentals
Also, Microsoft SCCM
Furthermore, ServiceNow Client Software Distribution
Also, Costs
In addition, Contracts
Furthermore, Procurement
In addition, Service Catalogs
Subsequently, Assets & Configuration Items (CIs)
Lastly, SAM Certification Test Prep
Additional Recommended Experience
firstly, Six (6) months field experience participating in ServiceNow deployment
projects or maintaining ServiceNow instances
subsequently, Participation in at least two ServiceNow deployment projects
in addition, General familiarity with industry terminology, acronyms, and
initialisms
Syllabus details To get started with the preparation of CIS– Software Asset Management exam,
you need to be aware of the details of the syllabus and major testing domains.
All the CIS Software Asset Management Questions arise form this course outline
hence it is one of the most important part of your preparations. So let us get
started,
CIS– Software Asset Management
Firstly, Software Asset Core Overview & Fundamentals – 14% Software Asset Management Basics
Process Architecture
Application Introduction and Recommended Practices
Secondly, Data Integrity – Attributes and Sources for the Data – 28% Importing Data
Software Discovery and Normalization
Content Service
Subsequently, Practical Management of Software Compliance – 30%
Products and Models
License Metrics, Entitlements, and Allocations
Software Reconciliation
Also, Operational Integration of Software Processes – 13%
Contract and Change Management
Service Catalog and Procurement
Software Remediation
Lastly, Extending SAM – 15% Software Model Lifecycle and Retirement
Software Installation Optimization
Reporting, Implementation, and Maintenance
Now, let us move towards the preparatory resources for the CIS– Software Asset
Management Professional exam. These some of the top suggested learning resources
that will boost your chances to qualify CIS – Software Management Exam.
Preparatory Guide for CIS – Software Asset Management Exam
ServiceNow says that only preparation from reliable resources available should
be preferred more as the other sources can be fraudulent too. In order to
succeed in the exam, you must make sure that the resources are correct in terms
of content and fulfils the criteria of the syllabus prescribed. There are so
many resources you can use for CIS Software Asset Management Exam Preparation.
Let us just stuck to the rule of reliability and look at some handful of
reliable resources with our
CIS Software Asset Management Study Guide
CIS – Software Asset Management Official Site
The official site provide knowledge on various technicalities of the exam. Also,
the official site of the CIS– Software Asset Management Professional exam
provide different courses that are necessary for generating the exam voucher
code which is necessary for registration. Always remember to gather all the
information from the official site as it is the first and foremost reliable
source of collecting even the minute detail about the CIS– Software Asset
Management Professional exam.
Join ServiceNow community
This community is actually the online forum which consists of ServiceNow
professionals and others who have passed the certification examinations. You an
ask your doubts without any hesitation from the community members, also, this
resource is very much reliable one as it is officially regulated by ServiceNow.
Also, You can discuss your strategy for studying or what resources you should
prefer or any other difficulty you face in CIS– Software Asset Management
Professional exam preparation. You will find every answer in the community and
this will really help you to ace the CIS– Software Asset Management Professional
exam.
Test Series and Practice Exams Test series and sample-papers helps you to build confidence. You do not feel
strange when you attempt the exam. By taking as much as possible practice of the
sample papers you will be aware of your loopholes. You will finally know how
much time to devote on which topic. Practicing as much as you can will help you
reach the next level and will also help to answer the tricky questions of the
CIS– Software Asset Management Professional exam. There are many reliable
sources of test series and some are even available at the official site too.
Start Practicing for Servicenow CIS Software Asset Management Practice Tests Now
Build your own strategy For taking this CIS– Software Asset Management Professional exam, you need
to build your own strategy for work-study balance. Fix a part of the day in
which you will be studying for the exam and also keeping your distractions away.
Categorize your syllabus into parts like that can be done verbally and the other
that requires writing or hands-on practice. This will help you to learn things
properly and will help you clear your concepts. Following your timetable quickly
will surely help you pass the exam with flying colours.
Expert’s Corner CIS– Software Asset Management Professional exam is quite a challenging exam
and require a lot of patience, hard work and dedication. All these qualities
along with the right set of resources will help to ace the exam. You will surely
pass the CIS– Software Asset Management Professional exam and prove the skills
to everyone. This will help you to stand out in the crowd and also, provide you
an edge over other people.
QUESTION 1
Which of the following data elements are key to an effective Software Asset
Management practice within ServiceNow? (Choose four.)
A. Software allocations
B. Software models
C. Foundation data
D. Software contracts
E. Software entitlements
Correct Answer: ABCE
QUESTION 2 Within Software Asset Management there are many key terms to understand,
what is the best definition for Normalization?
A. One or more use rights assigned to a specific device or user
B. Classification of the acquired software
C. The process of standardizing discovered software installation to defined
norms
D. The process of producing a compliance position by comparing the number of
software rights acquired against the normalized software inventory
E. Software license details that define use rights
Correct Answer: C
QUESTION 3 Which discovery sources are recommended by ServiceNow to populate ServiceNow
software installation table? (Choose two.)
A. ServiceNow Service Mapping
B. HP UCMDB
C. Microsoft SCCM
D. ServiceNow Discovery
E. ServiceNow Orchestration
Correct Answer: AD
QUESTION 4 How are the Software Asset Management Professional Plugins activated?
A. They are requested from and activated by an admin user
B. They are activated by the sam_developer user
C. They are activated by the sam_admin user
D. They are requested from and activated by ServiceNow support
E. They are activated by default in the base ServiceNow system
Correct Answer: A
QUESTION 5 Which of the following are NOT features of the Publisher workbench
navigation tree? (Choose two.)
A. Expand and collapse tree links
B. List of all publishers
C. Software model compliance icons
D. Filter products
E. Compliance toggle switch
F. List of all publishers out of compliance
Professional Services for Network Security To provide confidence in your firewall-as-a-platform implementation, Palo
Alto Networks provides Design, QuickStart, Optimization, and Operations
Professional Service offerings. The services are matched with your technology
capabilities to provide right-sized solutions to meet your business needs. The
outcomes of the services are a well-planned and accelerated deployment of Strata
technology, adhering to best practices, with operational efficiencies to Secure
the Enterprise.
Create a roadmap. Execute confidently. Achieve your goals.
Ensure a solid foundation for your implementation with a high-level architecture
design or targeted designs for platform components. The designs are based on
best practices and your business requirements, that you can execute to adopt the
desired capabilities in a meaningful way to solve technical and business
requirements.
QuickStart Services
Accelerate time to value. Utilize best practices. Deploy confidently.
Expedite your successful deployment of the firewall-as-a-service components with
day-one protection. Expert planning and execution, adhering to best practices,
provide risk mitigation at every step.
Integration, Optimization and Automation Optimize your operations. Integrate your technologies. Enable Your Team.
Customize your Palo Alto Networks technology deployments to optimize operations,
simplify investigations, and empower your team with effective use of
capabilities.
Operations, Administration, and Management Services
Extend your team. Compliment your transformation. Access product expertise, ongoing configuration assistance, and security
threat specialists to achieve continuous improvement and stay on top of
ever-changing threats and evolving business challenges.
QUESTION 1 What is the key benefit of Palo Alto Networks Single Pass Parallel
Processing design?
A. There are no benefits other than slight performance upgrades
B. It allows Palo Alto Networks to add new functions to existing hardware
C. Only one processor is needed to complete all the functions within the box
D. It allows Palo Alto Networks to add new devices to existing hardware
Correct Answer: C
QUESTION 2 Which security profile on the NGFW includes signatures to protect you from
brute force attacks?
A. Zone Protection Profile
B. URL Filtering Profile
C. Vulnerability Protection Profile
D. Anti-Spyware Profile
Correct Answer: C
QUESTION 3 The need for a file proxy solution, virus and spyware scanner, a
vulnerability scanner, and HTTP decoder for
URL filtering is handled by which component in the NGFW?
A. First Packet Processor
B. Stream-based Signature Engine
C. SIA (Scan It All) Processing Engine
D. Security Processing Engine
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
plan and configure a Microsoft Teams environment; manage chat, teams, channels,
and apps; manage calling and meetings; and monitor and troubleshoot a Microsoft
Teams environment.
Skills measured The content of this exam will be updated on September 24, 2021. Please
download the exam skills outline below to see what will be changing.
Plan and configure a Microsoft Teams environment (35-40%)
Manage chat, teams, channels, and apps (25-30%)
Manage calling and meetings (15-20%)
Monitor and troubleshoot a Microsoft Teams environment (10-15%)
This exam will be updated on September 24, 2021. Following the current exam
guide, we have included a version of the exam guide with Track Changes set to
“On,” showing the changes that will be made to the exam on that date.
The exam guide below includes the changes that will be
implemented on September 24, 2021.
Audience Profile Candidates for this exam are Microsoft Teams administrators who manage
Microsoft Teams to facilitate efficient and effective collaboration and
communication in a Microsoft 365 environment.
Candidates for this exam must be able to plan, deploy, configure, and secure
Teams chat, apps, channels, meetings, audio/video conferencing, live events,
calling, and Microsoft Teams-certified devices. Candidates should have
experience integrating Microsoft Teams with other workloads, including
SharePoint, OneDrive, Exchange, Microsoft 365 Groups, Power Platform, and with
other Microsoft apps, third-party apps, and custom apps.
A Microsoft Teams Administrator also collaborates other functions, such as
networking, telephony, licensing, security, compliance, user adoption, app
development, and support.
Skills Measured NOTE: The bullets that follow each of the skills measured are intended to
illustrate how we are assessing that skill. This list is NOT definitive or
exhaustive.
NOTE: Most questions cover features that are general availability (GA). The exam
may contain questions on Preview features if those features are commonly used.
Plan and configure a Microsoft Teams Environment (35-40%) Plan and configure network settings for Microsoft Teams
calculate network bandwidth capacity for Microsoft Teams voice, video,
meetings, and Live Events
analyze network usage by using Network Planner
specify requirements for outbound network ports and protocols for Microsoft
Teams
determine WAN optimizer, proxy, and load balancer recommendations for
Microsoft Teams
configure Tenant Data Upload in Microsoft Call Quality Dashboard
configure reporting labels for Microsoft Teams
assess network readiness by using Microsoft 365 network connectivity test and
dashboard
configure QoS port range and DSCP markings
Identify licensing requirements for Microsoft Teams
identify required licensing for compliance features
identify appropriate licensing for advanced lifecycle management of teams
identify appropriate licensing for guest access
identify appropriate licensing for calling, Phone System, and resource
accounts
identify appropriate licensing for Microsoft Teams Rooms and Common Area
Phones
identify appropriate licensing for apps in Microsoft Teams
Plan and configure security and compliance settings for Microsoft Teams
plan alerts for Microsoft Teams
choose appropriate administration roles
plan threat policies
plan and configure retention policies
plan and configure sensitivity labels
plan Data Loss Prevention (DLP) policies
plan for conditional access and MFA for Microsoft Teams
plan information barrier policies
Plan and implement governance and lifecycle management for Microsoft Teams
plan and manage Microsoft Teams preview features with Microsoft Teams update
policies
create and manage policy packages in Microsoft Teams
plan policy assignment for users and groups
set up policies for Microsoft 365 Groups creation
configure an expiration policy for Microsoft 365 groups
configure a naming policy for Microsoft 365 Groups
archive, delete, or unarchive one or more teams
restore or troubleshoot deletion of one or more Microsoft 365 Groups
manage Azure AD access review for members and guests
perform bulk user operations with PowerShell
Configure and manage external and guest users
configure SharePoint and OneDrive organizational level sharing settings
manage external file sharing setting for OneDrive users
manage external file sharing setting for SharePoint sites
manage external access-federated domains
manage guest users for Microsoft Teams from the Microsoft Teams Admin Center
configure guest access to Microsoft Teams from Azure AD admin center
allow or prevent owners from adding guests
configure guest access to a specific team
remove guests
Configure and manage Microsoft Teams devices configure Microsoft Teams for VDI
manage configuration profiles for Teams devices
manage Microsoft Teams device tags
manage device settings and firmware
provision and configure remote sign-in for new devices
Manage chat, teams, channels, and apps (25-30%)
Create and manage teams create teams
manage privacy levels for a team
create a team from a default or custom template
create a team from existing resources
plan and manage org-wide teams
add and remove users in a team
assign and modify user roles in a team
configure dynamic membership
Plan and manage channels plan for channel types
create channels
manage Microsoft Teams channel settings
create and manage Microsoft Teams policies for private channels
manage private channel membership
Manage chat and collaboration experiences create and manage messaging policies
configure email integration from Microsoft Teams settings
manage cloud file storage options
choose an appropriate coexistence mode
Manage apps for Microsoft Teams manage Org-wide app settings
create and manage app permission policies
create and manage app setup policies
add apps, connectors, tabs, and messaging extensions to a team
customize the app store
publish and configure a custom app to Microsoft Teams
Manage calling and meetings (15-20%)
Manage meeting experiences configure meeting settings
create and manage meeting policies
create and manage conference bridges
configure live events settings
create and manage live events policies
Manage phone numbers
evaluate when to use Calling Plan versus Direct Routing
plan and configure emergency servicescalling
policies
add, change, or remove an emergency address for your organization
provision and manage organizational phone numbers for users, services, and
conferencing bridges
assign, change, or remove a phone number for a user
assign a phone number to a resource account
Manage Phone System for Microsoft Teams create and manage call park policies
create and manage calling policies
create and manage caller ID policies
manage user voice settings
create and manage dial plans
interpret a dial plan
identify potential issues by using the Health Dashboard for Direct Routing
create and manage resource accounts
create and manage call queues
create and manage auto attendants
Monitor and troubleshoot a Microsoft Teams Environment (10-15%)
Monitor and report on a Microsoft Teams environment
monitor and report on voice and meeting quality
report on user adoption, including Productivity Score, team usage, app usage,
active users, and per-meeting metrics
monitor and report on creation and deletion of teams
monitor and report on guest access
manage Notifications & alerts rules from the
Microsoft Teams admin center
Troubleshoot audio, video, and client issues troubleshoot chat and presence issues
identify, collect, and interpret client logs
troubleshoot issues by using Call Analytics
troubleshoot Microsoft Teams sign-in issues by using Azure AD sign in logs
identify potential issues by using Call Quality Dashboard
QUESTION 1
Note: This question is part of a series of questions that present the same
scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some
question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to
it. As a result, these
questions will not appear in the review screen.
Your company has a Microsoft 365 subscription.
You plan to configure the environment to allow external users to collaborate in
Microsoft Teams by using guest access.
The company implements a new security policy that has the following
requirements:
Only guest users from specific domains must be allowed to connect to collaborate
by using Microsoft Teams.
Guest users must be prevented from inviting other guests.
You need to recommend a solution to meet the security policy requirements.
Solution: From the Azure Active Directory, you modify the External collaboration
settings.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
QUESTION 2 Your company has a Microsoft 365 subscription.
You need to ensure that users from a partner company named Contoso, Ltd. can
collaborate with your
company's users in teams. The solution must ensure that the Contoso users can
exchange chat messages in channels.
Which three actions should you perform before you add the Contoso users to
teams? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
A. From the Services & add-ins settings in the Microsoft 365 admin center, set
Let group members outside the organization access group content to On.
B. From the Guest access settings in the Microsoft Teams admin center, set Allow
guest access in Microsoft Teams to On.
C. From the External collaboration settings in the Azure Active Directory admin
center, add Contoso's domain to the list of target domains.
D. From the External access settings in the Microsoft Teams admin center, add
Contoso's domain to the Allowed list of domains.
E. From the External collaboration settings in the Azure Active Directory admin
center, set Guest users permissions are limited to No.
F. From the Services & add-ins settings in the Microsoft 365 admin center, set
Let group owners add people outside the organization to groups to On.
Correct Answer: ABF
QUESTION 3 You have a Microsoft 365 subscription that contains two users named User1
and User2. The users are provisioned for Microsoft Teams calling.
User1 is on leave for two weeks.
You need to ensure that User2 is notified of all calls to User1 while User1 is
away.
Which two actions should you perform? Each correct answer presents part of the
solution.
NOTE: Each correct selection is worth one point.
A. From Voice, add User2 to group call pickup.
B. From Voice, add User1 to group call pickup.
C. From Policies, modify the voice routing policy.
D. From the Microsoft Teams admin center, modify the settings of User2.
E. From the Microsoft Teams admin center, modify the settings of User1.
Correct Answer: AE
QUESTION 4 Your company has five offices. Each office has a unique phone number.
You plan to deploy Phone System to all the offices.
You need to ensure that each office has a unique greeting message for the
weekdays and a unique greeting
message for the weekends. The solution must minimize administrative effort.
What should you create?
A. one auto attendant that contains all five phone numbers
B. one call queue that contains all five phone numbers
C. five auto attendants that each contains one phone number
D. five call queues that each contains one phone number
Correct Answer: C
QUESTION 5 Your company has a Microsoft 365 subscription that uses Phone System and
Calling Plans.
You plan to implement a toll phone number for the helpdesk.
You need to implement the following call features for the helpdesk phone number:
Must include a greeting and hold music
Must bypass menu options when a call is established to the helpdesk
What two resources should you create? Each correct answer presents part of the
solution.
NOTE: Each correct selection is worth one point.
A. a call queue
B. a call park
C. an auto attendant
D. a resource account
E. a calling policy
MSP 5th edition Foundation is designed to support programme or project
managers, those working in a programme office, business change managers, and
programme and project delivery team members, that wish to gain a greater
understanding of the MSP guidance to work more effectively in large-scale
project or programme environments.
MSP 5th edition Practitioner is for project, programme, and business change
managers that want to build on their knowledge of MSP, in order to practically
apply the MSP framework to real life scenarios, providing the skills to lead and
manage a programme.
ACCESS DURATION 180 access days to the platform
2 voucher codes valid for 1 year
NOTA BENE: you will have access to both courses, Foundation and Practitioner, but you
must have taken and passed the Foundation exam in order to access the
Practitioner exam. It is therefore recommended to pay attention to deadlines and
to book the Foundation exam in good time, in order to do later the Practitioner
exam within the expiration date.
MSP 5th edition FULL ONLINE COURSE DETAILS
MSP® 5th edition Foundation course details: 20 lessons (4 hours of video recorded by an accredited teachers)
Downloadable PDF documents with detailed content (slides, explanations) for each
lesson
2 official mock exams
Exercises and solutions
Access 24/7
To complete the course and have an optimal exam preparation, we recommend you to
spend at least 21 hours of study.
MSP® 5th edition Practitioner course details: 18 lessons (3 hours of video recorded by an accredited teachers)
Downloadable PDF documents with detailed content (slides, explanations) for each
lesson
2 official mock exams
Exercises and solutions
Access 24/7
To complete the course and have an optimal exam preparation, we recommend you to
spend at least 14 hours of study. MSP 5th edition Foundation
ONLINE EXAM FORMAT Multiple choice questions
75 questions with one mark available
Five questions to be trial and not counted in scores
35 marks required to pass (out of 70 marks available) - 50%
60 minutes duration
Closed book
MSP 5th edition Practitioner ONLINE EXAM FORMAT
Objective testing
Eight questions per paper, 80 marks available in total
40 marks required to pass - 50%
Two-and-a-half hours duration
Open book exam.
Candidates may use the official printed hard copy of the Managing Successful
Programmes The manual may be annotated and tabulated but no sticky notes or
loose-leaf papers containing additional notes will be allowed.
ONLINE EXAM FORMAT AND CHARACTERISTICS You will receive your exam voucher code at the activation of the courses.
Each voucher code will be valid for 1 year. These will allow you to access the
Examination Institute portal and schedule autonomously accurate date and time of
the exam, according to the proposed timetable.
For more information about technical requirements and online exam procedure,
please click here.
Objectives The MSP Foundation is intended to assess whether the candidate can
demonstrate sufficient recall and understanding of the MSP programme management
framework to be awarded the MSP Foundation qualification.
MSP Practitioner objectives are understand how to apply the MSP principles in
context and understand how to apply and tailor relevant aspects of the MSP
themes in context.
Who it is aimed at MSP Foundation is invaluable for individuals who are interested in learning
how to manage multiple projects and programmes successfully. It is designed to
support programme or project managers, people working in a programme office,
business change managers, and programme and project delivery team members who
wish to gain a greater understanding of the MSP guidance to work more
effectively in large scale project or programme environments.
MSP Practitioner is designed for project, programme and business change managers
who want to apply the MSP framework to real-life scenarios. Practitioner is a
must-have certification for both project and programme management professionals
who need to deliver organizational value for their employers and to boost their
careers.
Contents
Introduction to the course
Introduction to MSP
MSP principles
Brief outline of the process journey
Introduction to themes
Organization theme
Design theme
Justification theme
Structure theme
Knowledge theme
Assurance theme
Decisions theme
Introduction to the processes
Identify the programme
Design the outcomes
Plan progressive delivery
Deliver the capabilities
Embed the outcomes
Evaluate new information
Close the programme
Prerequisites
There are no prerequisites in order to access MSP 5th edition Foundation course
and exam.
In order to access MSP 5th edition Practitioner course and exam students must
hold an MSP® 5th edition Foundation certificate.
The official electronic certificate (e-certificate) is provided free of charge
and automatically, as a result of exam, and it has the same validity of the
paper certificate.
If you still want to receive the paper certificate, in addition to the
electronic certificate, choose this option. The certificate will be sent
directly to the address you provide at the exam registration.
QUESTION 1 Under which heading in the POTI model should the current performance level
of an operational area be recorded?
A. Process
B. Organization
C. Technology
D. Information
Correct Answer: A
QUESTION 2 Which document should be used to provide guidance on the standards that
should be followed when producing outputs?
A. Projects Dossier
B. Project Brief
C. Programme Blueprint
D. Programme Brief
Correct Answer: B
QUESTION 3 Which risk response encourages collaboration on risk management activities?
A. Avoid
B. Reduce
C. Share
D. Prepare contingent plans
The Microsoft Security Operations Analyst collaborates with organizational
stakeholders to secure information technology systems for the organization.
Their goal is to reduce organizational risk by rapidly remediating active
attacks in the environment, advising on improvements to threat protection
practices, and referring violations of organizational policies to appropriate
stakeholders.
Responsibilities include threat management, monitoring, and response by using a
variety of security solutions across their environment. The role primarily
investigates, responds to, and hunts for threats using Microsoft Azure Sentinel,
Azure Defender, Microsoft 365 Defender, and third-party security products. Since
the Security Operations Analyst consumes the operational output of these tools,
they are also a critical stakeholder in the configuration and deployment of
these technologies.
Beta exams are not scored immediately because we are gathering data on the
quality of the questions and the exam. Learn more about the value and importance
of beta exams.
Part of the requirements for: Microsoft Certified: Security Operations Analyst
Associate
Related exams: none
Important: See details
Go to Certification Dashboard
Exam SC-200: Microsoft Security Operations Analyst (beta)
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
mitigate threats using Microsoft 365 Defender; mitigate threats using Azure
Defender; and mitigate threats using Azure Sentinel.
Skills measured Mitigate threats using Microsoft 365 Defender (25-30%)
Mitigate threats using Azure Defender (25-30%)
Mitigate threats using Azure Sentinel (40-45%)
Audience Profile The Microsoft Security Operations Analyst collaborates with organizational
stakeholders to secure information technology systems for the organization.
Their goal is to reduce organizational risk by rapidly remediating active
attacks in the environment, advising on improvements to threat protection
practices, and referring violations of organizational policies to appropriate
stakeholders.
Responsibilities include threat management, monitoring, and response by using a
variety of security solutions across their environment. The role primarily
investigates, responds to, and hunts for threats using Microsoft Azure Sentinel,
Azure Defender, Microsoft 365 Defender, and third-party security products. Since
the security operations analyst consumes the operational output of these tools,
they are also a critical stakeholder in the configuration and deployment of
these technologies.
Skills Measured NOTE: The bullets that appear below each of the skills measured are intended
to illustrate how we are assessing that skill. This list is not definitive or
exhaustive.
NOTE: Most questions cover features that are General Availability (GA). The exam
may contain questions on Preview features if those features are commonly used.
Mitigate threats using Microsoft 365 Defender (25-30%) Detect, investigate, respond, and remediate threats to the productivity
environment by using Microsoft Defender for Office 365
detect, investigate, respond, remediate Microsoft Teams, SharePoint, and
OneDrive for Business threats
detect, investigate, respond, remediate threats to email by using Defender for
Office 365
manage data loss prevention policy alerts
assess and recommend sensitivity labels
assess and recommend insider risk policies
Detect, investigate, respond, and remediate endpoint threats by using
Microsoft Defender for Endpoint manage data retention, alert notification, and advanced features
configure device attack surface reduction rules
configure and manage custom detections and alerts
respond to incidents and alerts
manage automated investigations and remediations Assess and recommend endpoint
configurations to reduce and remediate vulnerabilities by using Microsoft’s
Threat and Vulnerability Management solution.
manage Microsoft Defender for Endpoint threat indicators
analyze Microsoft Defender for Endpoint threat analytics
Detect, investigate, respond, and remediate identity threats identify and remediate security risks related to sign-in risk policies
identify and remediate security risks related to Conditional Access events
identify and remediate security risks related to Azure Active Directory
identify and remediate security risks using Secure Score
identify, investigate, and remediate security risks related to privileged
identities
configure detection alerts in Azure AD Identity Protection
identify and remediate security risks related to Active Directory Domain
Services using Microsoft Defender for Identity
identify, investigate, and remediate security risks by using Microsoft Cloud
Application Security (MCAS)
configure MCAS to generate alerts and reports to detect threats
Manage cross-domain investigations in Microsoft 365 Defender Portal manage incidents across Microsoft 365 Defender products
manage actions pending approval across products
perform advanced threat hunting
Mitigate threats using Azure Defender (25-30%)
Design and configure an Azure Defender implementation plan and configure an Azure Defender workspace
configure Azure Defender roles
configure data retention policies
assess and recommend cloud workload protection
Plan and implement the use of data connectors for ingestion of data sources in
Azure Defender identify data sources to be ingested for Azure Defender
configure Automated Onboarding for Azure resources
connect non-Azure machine onboarding
connect AWS cloud resources
connect GCP cloud resources
configure data collection
Manage Azure Defender alert rules validate alert configuration
setup email notifications
create and manage alert suppression rules
Configure automation and remediation
configure automated responses in Azure Security Center
design and configure playbook in Azure Defender
remediate incidents by using Azure Defender recommendations
create an automatic response using an Azure Resource Manager template
Investigate Azure Defender alerts and incidents describe alert types for Azure workloads
manage security alerts
manage security incidents
analyze Azure Defender threat intelligence
respond to Azure Defender for Key Vault alerts
manage user data discovered during an investigation
Mitigate threats using Azure Sentinel (40-45%)
Design and configure an Azure Sentinel workspace plan an Azure Sentinel workspace
configure Azure Sentinel roles
design Azure Sentinel data storage
configure Azure Sentinel service security
Plan and Implement the use of Data Connectors for Ingestion of Data Sources in
Azure Sentinel identify data sources to be ingested for Azure Sentinel
identify the prerequisites for a data connector
configure and use Azure Sentinel data connectors
design Syslog and CEF collections
design and Configure Windows Events collections
configure custom threat intelligence connectors
create custom logs in Azure Log Analytics to store custom data
Configure Security Orchestration Automation and Remediation (SOAR) in Azure
Sentinel create Azure Sentinel playbooks
configure rules and incidents to trigger playbooks
use playbooks to remediate threats
use playbooks to manage incidents
use playbooks across Microsoft Defender solutions
Manage Azure Sentinel Incidents investigate incidents in Azure Sentinel
triage incidents in Azure Sentinel
respond to incidents in Azure Sentinel
investigate multi-workspace incidents
identify advanced threats with User and Entity Behavior Analytics (UEBA)
Use Azure Sentinel workbooks to analyze and interpret data activate and customize Azure Sentinel workbook templates
create custom workbooks
configure advanced visualizations
view and analyze Azure Sentinel data using workbooks
track incident metrics using the security operations efficiency workbook
Hunt for threats using the Azure Sentinel portal create custom hunting queries
run hunting queries manually
monitor hunting queries by using Livestream
perform advanced hunting with notebooks
track query results with bookmarks
use hunting bookmarks for data investigations
convert a hunting query to an analytical rule
QUESTION 1
The issue for which team can be resolved by using Microsoft Defender for
Endpoint?
A. executive
B. sales
C. marketing
Correct Answer: B
QUESTION 2 The issue for which team can be resolved by using Microsoft Defender for
Office 365?
A. executive
B. marketing
C. security
D. sales
Correct Answer: B
QUESTION 3 You need to implement the Azure Information Protection requirements.
What should you configure first?
A. Device health and compliance reports settings in Microsoft Defender Security
Center
B. scanner clusters in Azure Information Protection from the Azure portal
C. content scan jobs in Azure Information Protection from the Azure portal
D. Advanced features from Settings in Microsoft Defender Security Center
Correct Answer: D
QUESTION 4 You need to modify the anomaly detection policy settings to meet the Cloud
App Security requirements.
Which policy should you modify?
A. Activity from suspicious IP addresses
B. Activity from anonymous IP addresses
C. Impossible travel
D. Risky sign-in
Exam ID :HPE6-A72
Exam type: Proctored
Exam duration: 1 hour 30 minutes
Exam length : 60 questions
Passing score : 75%
Delivery languages: Latin American Spanish, Japanese, English
Supporting resources: ArubaOS-CX Switching Fundamentals, Rev. 20.21
Additional study materials : Aruba Certified Switching Associate (HPE6-A72)
Study Guide
Ideal candidateIT Professionals who are new to deploying SMB solutions based on
HPE Aruba products and technologies, including HPE Aruba Reseller Systems
Engineers, Customer IT Staff, HPE Aruba System Engineers, and HPE Services Field
& Call Center Support Engineers.
Exam contents This exam has 60 questions.
Advice to help you take this exam
Complete the training and review all course materials and documents before you
take the exam.
Exam items are based on expected knowledge acquired from job experience, an
expected level of industry standard knowledge, or other prerequisites (events,
supplemental materials, etc.).
Successful completion of the course alone does not ensure you will pass the
exam.
Read this HPE Exam Preparation Guide and follow its recommendations.
Visit HPE Press for additional reference materials, study guides, practice
tests, and HPE books.
This exam validates that you can:
23% Identify, describe, and apply foundational networking architectures and
technologies. Describe and explain the OSI Model.
Describe and explain the most common layer media (Layer 1).
Describe the basics of Layer 2 Ethernet, including broadcast domains and ARP
messages.
Interpret an IP routing table and explain default routes, static routing, and
dynamic routing, including OSPF.
Define and recognize the purpose and interaction of Layer 4 (Transport)
protocols in an IP network.
Identify and describe multicast traffic and its purpose on a network.
Identify the role of TFTP, SFTP, FTP, Telnet, and SNMPv2 in managing Aruba
network devices and how to apply the appropriate security for these features
Identify and describe the concept of QoS and explain its significance in
converged networks.
Describe and explain basic network security setup on Aruba switches.
Describe Layer 2 redundancy technologies such as STP/RSTP/MSTP and VSF,
including their benefits.
Describe and apply link aggregation.
Identify, describe, and explain VLANs
Describe network management.
Describe the concepts of server-related networking (NIC and CNA).
17% Identify, describe, and differentiate the functions and features of Aruba
products and solutions. Identify basic features and management options for Aruba wired products
Compare and contrast Aruba Networking solutions and features and identify the
appropriate product for an environment
Identify which Aruba Networking products should be positioned given various
customer environments and infrastructure needs (include the criteria needed to
make such a recommendation).
Identify and describe available toolsets for managing Aruba Networking products
(CLI-based, web, scripted, SNMP, NetEdit, mobile app, and API).
27% Install, configure, set up, and validate Aruba solutions. Perform an environmental survey for site readiness.
Configure basic features on Aruba switches, including initial settings and
management access.
Configure Aruba switches with Layer 2 technologies such as RSTP/MSPT, link
aggregation, VLANs, LLDP, and device profiles.
Configure basic IP routing with static routes or OSPF on Aruba switches.
Configure the management software and manage configuration files on Aruba
switches. Manage the software and configuration files on Aruba switches; NetEdit
Validate the installed solution via debug technology, logging, and show
commands.
13% Tune, optimize, and upgrade Aruba solutions. Optimize layer 2 and layer 3 infrastructures via broadcast domain reduction,
VLANs, and VSF.
Manage network assets using Aruba tools.
Verify L3 routing tables convergence and scalability (OSPF, RIP, static routes,
ECMP, directly connected).
Assess how to optimize network availability (vrrp, vsf, trunks, xstp, additional
hardware redundancy)
12% Troubleshoot, repair, and replace Aruba solutions Troubleshoot switched and routed networks.
Apply troubleshooting methodology.
Use general troubleshooting tools.
Perform troubleshooting methodology on the wired networks.
8% Manage, monitor, administer and operate Aruba solutions. Perform network management according to best practices.
Perform Administrative tasks (Moves / Adds / Changes / Deletions) (Add new
devices, VLAN assignment)
Given the configuration on the CORE switch shown above, what command would
follow to assign the switched virtual interface (SVI) vlan 50 to the VRF
created?
A. Core(config-if-vlan)# vrf attach Green
B. Core(config-if-vlan)# ip vpn-instance Green
C. Core(config-if-vlan)# ip vrf forwarding Green
D. Core(config-if-vlan)# routing-context Green vrf
Correct Answer: A
QUESTION 2 What is the correct description of a Multi-Layer Switch?
A. a switch with Layer 3 routing capabilities but lacks any Layer 1 features as
a consequence
B. any switch that supports PoE, LLDP-MED and Flow Control
C. has all the functionality of a Layer 2 switch and most of the functionality
of a Layer 3 router
D. multi-Layer refers specifically to using chassis switches with several line
cards over stack port switches
Correct Answer: C
QUESTION 3 What is true about VSX? (Choose two.)
A. VSX is ideal for Campus access layer deployments where ease of deployment is
needed.
B. VSX allows upgrading members with near zero downtime or loss of packets.
C. VSX is available on all Aruba OS-CX switches except the 6300F model.
D. VSX is implemented on static port switches. VSX-plus needed to stack chassis
together.
E. VSX run separate control planes to reduce latency and improve performance.
Introduction The AWS Certified SysOps Administrator – Associate (SOA-C02) exam is
intended for system administrators in a cloud operations role who have at least
1 year of hands-on experience with deployment, management, networking, and
security on AWS.
The exam validates a candidate’s ability to complete the following tasks: Deploy, manage, and operate workloads on AWS
Support and maintain AWS workloads according to the AWS Well-Architected
Framework
Perform operations by using the AWS Management Console and the AWS CLI
Implement security controls to meet compliance requirements
Monitor, log, and troubleshoot systems
Apply networking concepts (for example, DNS, TCP/IP, firewalls)
Implement architectural requirements (for example, high availability,
performance, capacity)
Perform business continuity and disaster recovery procedures
Identify, classify, and remediate incidents
Recommended AWS knowledge Minimum of 1 year of hands-on experience with AWS technology
Experience in deploying, managing, and operating workloads on AWS
Understanding of the AWS Well-Architected Framework
Hands-on experience with the AWS Management Console and the AWS CLI
Understanding of AWS networking and security services
Hands-on experience in implementing security controls and compliance
requirements
Exam content Response types
Three types of questions can appear on the exam. You might see some, or all, of
these question types: Multiple choice: Has one correct response and three incorrect responses (distractors).
Multiple response: Has two correct responses out of five options.
Exam lab: Has a scenario that is composed of a set of tasks to perform in the
AWS Management Console or AWS CLI.
Multiple choice and multiple response: Select one or more responses that best
complete the statement or answer the question. Distractors, or incorrect
answers, are response options that a candidate with incomplete knowledge or
skill would likely choose. However, they are generally plausible responses that
fit in the content area that is defined by the test objective.
Unanswered questions are scored as incorrect; there is no penalty for guessing.
All multiple-choice and multiple-response questions will appear at the start of
the exam in one section. The end of this section will include a review screen,
where you can return to any of the multiple-choice and multiple-response
questions. This will be the last opportunity to answer the questions or change
any answer selections. If your exam contains exam labs, that section will appear
after the multiple-choice and multiple-response section. You will NOT be able to
go back to the first section after you start the second section.
Exam labs: Complete the required tasks for a given scenario in the AWS
Management Console or AWS CLI in the provided AWS account.
When you begin your exam, you will receive notification about the number of
questions in the multiple-choice and multiple-response section, and the number
of exam labs in the exam lab section. You will also learn the percentage of your
score that will be determined by your work in the exam labs. Plan to leave 20
minutes to complete each exam lab.
Finish all work on an exam lab before moving to the next exam lab. You will NOT
be able to return to a prior exam lab. You are welcome to use the virtual
machine notepad or AWS CLI while working on your exam labs.
There might be more than one way to perform an exam lab. In those cases, you
will receive full credit if you achieve the correct end state to the scenario.
You will receive partial credit for partial completion of exam labs. However,
exam content and the associated scoring are confidential, so you will receive no
further information regarding partial credit that is awarded for an exam lab.
Tip: If you take your exam through online proctoring, you can use an external
monitor as your ONLY display. Set your screen resolution to 280 pixels x 1024
pixels or greater for a PC, and 1440 pixels x 900 pixels or greater for a Mac.
Set the scaling to 100%. Set the scaling to 100%. Other settings might result in
a need to scroll within the console.
For a sample of the multiple-choice and multiple-response questions and exam
labs, view the AWS Certified SysOps Administrator – Associate (SOA-C02) Sample
Exam Questions document.
Unscored content The exam will include unscored questions that do not affect your score. AWS
will gather information about candidate performance on these unscored questions
to evaluate these questions for future use as scored questions. These unscored
questions are not identified on the exam.
Exam results The AWS Certified SysOps Administrator – Associate (SOA-C02) exam is a pass
or fail exam. The exam is scored against a minimum standard established by AWS
professionals who follow certification industry best practices and guidelines.
Your results for the exam are reported as a score from 100–1,000. The minimum
passing score is 720. Your score shows how you performed on the exam as a whole
and whether or not you passed. Scaled scoring models are used to equate scores
across multiple exam forms that might have slightly different difficulty levels.
Your score report contains a table that classifies your performance at each
section level. This information is intended to provide general feedback about
your exam performance. The exam uses a compensatory scoring model, which means
that you do not need to achieve a passing score in each individual section. You
need to pass only the overall exam.
Each section of the exam has a specific weighting, so some sections have more
questions than other sections have. The table contains general information that
highlights your strengths and weaknesses. Use caution when interpreting
section-level feedback.
Content outline This exam guide includes weightings, test domains, objectives, and example
tasks only. It is not a comprehensive listing of the content on this exam. The
following table lists the main content domains and their
weightings.
Domain % of Exam
Domain 1: Monitoring, Logging, and Remediation 20%
Domain 2: Reliability and Business Continuity 16%
Domain 3: Deployment, Provisioning, and Automation 18%
Domain 4: Security and Compliance 16%
Domain 5: Networking and Content Delivery 18%
Domain 6: Cost and Performance Optimization 12%
TOTAL 100%
Domain 1: Monitoring, Logging, and Remediation 1.1 Implement metrics, alarms, and filters by using AWS monitoring and
logging services
Identify, collect, analyze, and export logs (for example, Amazon CloudWatch
Logs, CloudWatch Logs Insights, AWS CloudTrail logs)
Collect metrics and logs using the CloudWatch agent
Create CloudWatch alarms
Create metric filters
Create CloudWatch dashboards
Configure notifications (for example, Amazon Simple Notification Service
[Amazon SNS], Service Quotas, CloudWatch alarms, AWS Health events)
1.2 Remediate issues based on monitoring and availability metrics Troubleshoot or take corrective actions based on notifications and alarms
Configure Amazon EventBridge rules to trigger actions
Use AWS Systems Manager Automation documents to take action based on AWS
Config rules
Domain 2: Reliability and Business Continuity
2.1 Implement scalability and elasticity Create and maintain AWS Auto Scaling plans
Implement caching
Implement Amazon RDS replicas and Amazon Aurora Replicas
Implement loosely coupled architectures
Differentiate between horizontal scaling and vertical scaling
2.2 Implement high availability and resilient environments Configure Elastic Load Balancer and Amazon Route 53 health checks
Differentiate between the use of a single Availability Zone and Multi-AZ
deployments (for example, Amazon EC2 Auto Scaling groups, Elastic Load
Balancing, Amazon FSx, Amazon RDS)
Implement fault-tolerant workloads (for example, Amazon Elastic File System
[Amazon EFS], Elastic IP addresses)
Implement Route 53 routing policies (for example, failover, weighted, latency
based)
2.3 Implement backup and restore strategies Automate snapshots and backups based on use cases (for example, RDS
snapshots, AWS Backup, RTO and RPO, Amazon Data Lifecycle Manager, retention
policy)
Restore databases (for example, point-in-time restore, promote read replica)
Implement versioning and lifecycle rules
Configure Amazon S3 Cross-Region Replication
Execute disaster recovery procedures
Domain 3: Deployment, Provisioning, and Automation
3.1 Provision and maintain cloud resources Create and manage AMIs (for example, EC2 Image Builder)
Create, manage, and troubleshoot AWS CloudFormation
Provision resources across multiple AWS Regions and accounts (for example, AWS
Resource Access Manager, CloudFormation StackSets, IAM cross-account roles)
Select deployment scenarios and services (for example, blue/green, rolling,
canary)
Identify and remediate deployment issues (for example, service quotas, subnet
sizing, CloudFormation and AWS OpsWorks errors, permissions)
3.2 Automate manual or repeatable processes Use AWS services (for example, OpsWorks, Systems Manager, CloudFormation)
to automate deployment processes
Implement automated patch management
Schedule automated tasks by using AWS services (for example, EventBridge, AWS
Config)
Domain 4: Security and Compliance
4.1 Implement and manage security and compliance policies Implement IAM features (for example, password policies, MFA, roles, SAML,
federated identity, resource policies, policy conditions)
Troubleshoot and audit access issues by using AWS services (for example,
CloudTrail, IAM Access Analyzer, IAM policy simulator)
Validate service control policies and permission boundaries
Review AWS Trusted Advisor security checks
Validate AWS Region and service selections based on compliance requirements
Implement secure multi-account strategies (for example, AWS Control Tower, AWS
Organizations)
4.2 Implement data and infrastructure protection strategies Enforce a data classification scheme
Create, manage, and protect encryption keys
Implement encryption at rest (for example, AWS Key Management Service [AWS KMS])
Implement encryption in transit (for example, AWS Certificate Manager, VPN)
Securely store secrets by using AWS services (for example, AWS Secrets
Manager, Systems Manager Parameter Store)
Review reports or findings (for example, AWS Security Hub, Amazon GuardDuty,
AWS Config, Amazon Inspector)
Domain 5: Networking and Content Delivery
5.1 Implement networking features and connectivity Configure a VPC (for example, subnets, route tables, network ACLs,
security groups, NAT gateway, internet gateway )
Configure private connectivity (for example, Systems Manager Session Manager,
VPC endpoints, VPC peering, VPN)
Configure AWS network protection services (for example, AWS WAF, AWS Shield)
5.2 Configure domains, DNS services, and content delivery
Configure Route 53 hosted zones and records
Implement Route 53 routing policies (for example, geolocation, geoproximity)
Configure DNS (for example, Route 53 Resolver)
Configure Amazon CloudFront and S3 origin access identity (OAI)
Configure S3 static website hosting
5.3 Troubleshoot network connectivity issues Interpret VPC configurations (for example, subnets, route tables, network
ACLs, security groups)
Collect and interpret logs (for example, VPC Flow Logs, Elastic Load Balancer
access logs, AWS WAF web ACL logs, CloudFront logs)
Identify and remediate CloudFront caching issues
Troubleshoot hybrid and private connectivity issues
Domain 6: Cost and Performance Optimization
6.1 Implement cost optimization strategies Implement cost allocation tags
Identify and remediate underutilized or unused resources by using AWS services
and tools (for example, Trusted Advisor, AWS Compute Optimizer, Cost Explorer)
Configure AWS Budgets and billing alarms
Assess resource usage patterns to qualify workloads for EC2 Spot Instances
Identify opportunities to use managed services (for example, Amazon RDS, AWS
Fargate, EFS)
6.2 Implement performance optimization strategies Recommend compute resources based on performance metrics
Monitor Amazon EBS metrics and modify configuration to increase performance
efficiency
Implement S3 performance features (for example, S3 Transfer Acceleration,
multipart uploads)
Monitor RDS metrics and modify the configuration to increase performance
efficiency (for example, performance insights, RDS Proxy)
Enable enhanced EC2 capabilities (for example, enhanced network adapter,
instance store, placement groups)
QUESTION 1 A SysOps administrator is creating two AWS CloudFormation templates. The
first template will create a VPC
with associated resources, such as subnets, route tables, and an internet
gateway. The second template will
deploy application resources within the VPC that was created by the first
template. The second template
should refer to the resources created by the first template.
How can this be accomplished with the LEAST amount of administrative effort?
A. Add an export field to the outputs of the first template and import the
values in the second template.
B. Create a custom resource that queries the stack created by the first template
and retrieves the required values.
C. Create a mapping in the first template that is referenced by the second
template.
D. Input the names of resources in the first template and refer to those names
in the second template as a parameter.
Correct Answer: C
QUESTION 2 A company has deployed a web application in a VPC that has subnets in three
Availability Zones. The
company launches three Amazon EC2 instances from an EC2 Auto Scaling group
behind an Application Load Balancer (ALB).
A SysOps administrator notices that two of the EC2 instances are in the same
Availability Zone, rather than
being distributed evenly across all three Availability Zones. There are no
errors in the Auto Scaling group's activity history.
What is the MOST likely reason for the unexpected placement of EC2 instances?
A. One Availability Zone did not have sufficient capacity for the requested EC2
instance type.
B. The ALB was configured for only two Availability Zones.
C. The Auto Scaling group was configured for only two Availability Zones.
D. Amazon EC2 Auto Scaling randomly placed the instances in Availability Zones.
Correct Answer: B
QUESTION 3 A company is running an application on premises and wants to use AWS for
data backup. All of the data must
be available locally. The backup application can write only to block-based
storage that is compatible with the
Portable Operating System Interface (POSIX).
Which backup solution will meet these requirements?
A. Configure the backup software to use Amazon S3 as the target for the data
backups.
B. Configure the backup software to use Amazon S3 Glacier as the target for the
data backups.
C. Use AWS Storage Gateway, and configure it to use gateway-cached volumes.
D. Use AWS Storage Gateway, and configure it to use gateway-stored volumes.
Correct Answer: D
QUESTION 4 A company asks a SysOps administrator to ensure that AWS CloudTrail files
are not tampered with after they
are created. Currently, the company uses AWS Identity and Access Management (IAM)
to restrict access to
specific trails. The company's security team needs the ability to trace the
integrity of each file.
What is the MOST operationally efficient solution that meets these requirements?
A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that invokes an
AWS Lambda function
when a new file is delivered. Configure the Lambda function to compute an MD5
hash check on the file and
store the result in an Amazon DynamoDB table. The security team can use the
values that are stored in
DynamoDB to verify the integrity of the delivered files.
B. Create an AWS Lambda function that is invoked each time a new file is
delivered to the CloudTrail bucket.
Configure the Lambda function to compute an MD5 hash check on the file and store
the result as a tag in
an Amazon 53 object. The security team can use the information in the tag to
verify the integrity of the
delivered files.
C. Enable the CloudTrail file integrity feature on an Amazon S3 bucket. Create
an IAM policy that grants the
security team access to the file integrity logs that are stored in the S3
bucket.
D. Enable the CloudTrail file integrity feature on the trail. The security team
can use the digest file that is
created by CloudTrail to verify the integrity of the delivered files.
