112-51 Exam Dumps : Network Defense Essentials (NDE) Exam

The loT communication model that serves as an analyzer for a company to track monthly or yearly energy consumption is the device-to-cloud model. The device-to-cloud model is a loT communication model where the loT devices, such as smart meters, sensors, or thermostats, send data directly to the cloud platform, such as AWS, Azure, or Google Cloud, over the internet. The cloud platform then processes, analyzes, and stores the data, and provides feedback, control, or visualization to the users or applications. The device-to-cloud model enables the company to monitor and optimize the energy consumption of the loT devices in real time, and to leverage the cloud services, such as machine learning, big data analytics, or artificial intelligence, to perform advanced energy management and demand response.The device-to-cloud model also reduces the complexity and cost of the loT infrastructure, as it does not require intermediate gateways or servers to connect the loT devices to the cloud123.References:

• Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-38 to 3-39
• loT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, DZone, July 9, 2018
• loT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, Medium, March 26, 2019

Deterrent controls are a type of physical security controls that use warning messages and signs to notify legal consequences and discourage hackers from making intrusion attempts. Deterrent controls aim to reduce the likelihood of an attack by creating a perception of risk or fear in the potential attackers.Deterrent controls can include fences, locks, alarms, cameras, guards, or security policies12.References:Network Defense Essentials - EC-Council Learning,Understanding the Various Types of Physical Security Controls

ISO/IEC 27018 is the ISO standard that provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer’s clients by securing personally identifiable information entrusted to them. ISO/IEC 27018 is a code of practice for protecting personal information in cloud storage. The term for the personal data it covers is Personally Identifiable Information or PII. ISO/IEC 27018 is an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process PII to assess riskand implement controls for protecting PII. ISO/IEC 27018 was created in 2014 and updated in 2019. It has the following objectives:

• Help the public cloud service provider to comply with applicable obligations when acting as a PII processor, whether such obligations fall on the PII processor directly or through contract.
• Enable the public cloud PII processor to be transparent in relevant matters so that cloud service customers can select well-governed cloud-based PII processing services.
• Assist the cloud service customer and the public cloud PII processor in entering into a contractual agreement.
• Provide cloud service customers with a mechanism for exercising audit and compliance rights and responsibilities in cases where individual cloud service customer audits of data hosted in a multiparty, virtualized server (cloud) environment can be impractical technically and can increase risks to those physical and logical network security controls in place123.

References:

• ISO/IEC 27018: Protecting PII in Public Clouds - ISMS.online, ISMS.online, 2019
• ISO/IEC 27018 - Wikipedia, Wikipedia, 2021
• ISO/IEC 27018:2019 - Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, ISO, 2019