Surendra Purohit

Which protocol operates at the layer 4 on the over sign module provides the connection oriented data transmission. And layer 4, it is TCP and UDP. And, data trans connection oriented data transmission address, TCP. TCP is the one who is the collection gated.

How do you secure the virtualized environment to prevent the VMs scale vulnerabilities? We by following the CIS benchmarking and applying the, VM Hardening. We can we can, ensure the

security of virtualized environment. Explain how will you configure multi factor

What step would you take to migrate on prem pipeline to a cloud based solution without significant downtime? We can do it by using the first first, we can, uh, check the critical. We have to, uh, ensure the critical and differentiate the critical critical business, critical machines. Based on those business accounts, business machines, we have to segregate, and then we have to do it while the, uh, while the operations are not or the machines are not under or the accounts are not under operations. And, uh, then we can, uh, we do we can do it in, uh, batches by segregating it based on, uh, criticality business criticality.

Describe your process for implementing a new network security policy across the organization layered infrastructure. Process of implementing new network security across an organization layered infrastructure. Uh, yep. So, uh, it is like new network security policy if we have to implement. Like, first, we need to understand and, um, first, we need to get the scope why we have to implement those. And afterwards, once we get the scope and, uh, higher, uh, higher management approvals in place, then we have to, uh, check, uh, like, what are the what are the critical assets which we have to get the, uh, get the get protected, uh, under that, uh, layered infrastructure. And then based on that, we will uh, implement or we will define or this or design the policy.

Yep. Uh, based out of 5, uh, different steps, first thing is, uh, planning. I mean, this is basically work on the PDCA, uh, plan due check and act, uh, framework in which the first, uh, first thing which we have to do is plan, and then we have to get the approvals from the senior leadership. And then, uh, we have to, uh, check the current controls, and then we have to check we have to implement the gaps, which we have been which has been discovered. Once this thing will be highlighted, then we can go ahead and, uh, do the con continuous monitoring. Once this, uh, I'm sorry. Before continuous monitoring, we have to review, uh, the current architecture after the implementation post implementation of the weaknesses. And afterwards, once this will all be complete, then we have to do the, uh, monitoring continuous monitoring should be implemented.

If a Linux system is low on a memory, what is the potential first step to managing this issue without adding more RAM? We will check the services by by using the command, uh, top, uh, list. So it will showcase what all the services which are unnecessarily running on the system, and those are not those are consuming the memory. Uh, we can try to stop those unused services. So it will reduce the, uh, it will, uh, degrade or downgrade the, uh, memory consumption without adding any additional time.

Do you design default alternate network infrastructure for a financial institution that requires 1991? Simple. The best way is to comply. And when when we are talking about the financial institution, we have to follow the compliance standards, which is like PCI DSS or, uh, NIST framework, which is, you know, one of the major stakeholder in the in the, uh, point of con compliance and governance. So but, uh, for the for the specific to the financial compliance, we can use the PCI DSS, and that will be the best, uh, way to secure or create default tolerant network infrastructure.

The context of AWS, what options do you have for ensuring the high availability of an application serving the global audience? Yeah. Just like load balancing. 1st, we can do scalability, the best option. Uh, then you see in, uh, s 3, the storage services, which is already enabled with the scalability. Secure secure, uh, scalable storage, which is self, uh, name itself shows shows that. Also, if you are deploying the VMs, we do we can do the clustering. And, um, by by following this load balancing and clustering module, we can, uh, do the, uh, do the application higher or, uh, put up an, uh, achieve availability.

Is your experience with HIPAA and SOC compliance? So I have, um, not, uh, directly I've worked on, but I have an understanding over HIPAA and so both. HIPAA is majorly, like, it has to be, uh, it has been involved when there is any there's sort of in there in any, uh, health insurance or, uh, any any health related data to be disclosed or has to be, uh, deemed, then we have to comply with the HIPAA. Uh, the full form is, like, health insurance, uh, prevention act. And, uh, SOC is like, um, it's it's a compliance which has been, uh, involved when there is any financial transactions or financial, uh, measures has to be considered, then in that case, we have to involve this SOC compliance. So, yeah, these, uh, to, uh, however, ensure that to adhere that, like, the the, uh, sub clauses and the compliance policies, which has to be which has been created, uh, for, uh, by considering both the compliance framework, it has to be followed. So this is how we will ensure there are certain, uh, ways, like, we have to do the internal audits, external audits, and continuous auditing has to be done. So this is how we can, uh, do this infrastructure. Uh, I mean, we can we can make sure that the compliance has been added to the infrastructure.