7.3.3 Quiz – Cloud, Mobile, and IoT Security Answers
1. Which term is an essential characteristic of cloud computing as defined in NIST SP 800-145?
- centralized storage
- resource pooling
- reduced bandwidth requirements
- slow elasticity
2. Which cloud technology attack method involves breaching the infrastructure to gather and steal information such as valid usernames, passwords, tokens, and PINs?
- account takeover
- credential harvesting
- privilege escalation
- side-channel attacks
3. Which cloud technology attack method could exploit a bug in a software application to gain access to resources that normally would not be accessible to a user?
- account takeover
- credential harvesting
- privilege escalation
- side-channel attacks
4. Which term describes when a lower-privileged user accesses functions reserved for higher-privileged users?
- vertical privilege escalation
- horizontal privilege escalation
- credential harvesting
- metadata service attacks
5. Which cloud technology attack method could a threat actor use to access a user or application account that allows access to more accounts and information?
- account takeover
- metadata service attacks
- resource exhaustion and DoS attacks
- side-channel attacks
6. Which tool could be used to find vulnerabilities that could lead to metadata service attacks?
- Nimbostratus
- Clair
- Falco
- Dagda
7. Which cloud technology attack method could generate crafted packets to cause a cloud application to crash?
- resource exhaustion attack
- account takeover
- metadata service attack
- side-channel attack
8. Which cloud technology attack method would require the threat actor to create a malicious application and install it into a SaaS, PaaS, or IaaS environment?
- resource exhaustion attack
- account takeover
- metadata service attack
- cloud malware injection attack
9. What is a common cause of data breaches in attacks against misconfigured cloud assets?
- using insecure permission configurations for cloud object storage services
- using hard-coded credentials to access different services
- implementing metadata service to get a set of temporary access credentials
- adding sensitive information in user startup scripts
10. A threat actor has compromised a VM in a cloud environment that shares the same physical hardware as non-compromised VMs. Which cloud technology attack method could now be used to exfiltrate credentials, cryptographic keys, and other sensitive information?
- side-channel attack
- cloud malware injection attack
- resource exhaustion attack
- account takeover
11. Which tool helps software developers and cloud consumers deploy applications in the cloud and use the resources that the cloud provider offers?
- Software development kits (SDKs)
- Cloud development kits (CDKs)
- Identity and access management (IAM)
- Nimbostratus
12. Which mobile device vulnerability is targeted when a threat actor reverse engineers a mobile app to see how it creates and stores keys in the iOS Keychain?
- insecure storage
- passcode vulnerabilities and biometric integrations
- certificate pinning
- using known vulnerable components
13. Which tool is an open-source framework used to test the security of iOS applications?
- Needle
- Drozer
- APK Studio
- ApkX
14. Match the Bluetooth Low Energy (BLE) phase to the description.
15. Which option is a security vulnerability that affects IoT implementations?
- plaintext communication and data leakage
- VM escape vulnerabilities
- certificate pinning
- hyperjacking
16. Which two IoT systems should never be exposed to the Internet? (Choose two.)
- turbines in a power plant
- robots in a factory
- refrigerators in a restaurant
- thermostat in a home
- carbon monoxide detectors in a home
17. Which option is a collection of compute interface specifications designed to offer management and monitoring capabilities independently of the CPU, firmware, and operating system of the host?
- Intelligent Platform Management Interface (IPMI)
- Shodan
- Supervisory control and data acquisition (SCADA)
- Mobile Security Framework (MobSF)
18. A threat actor uploaded a VM with malicious software to the VMware Marketplace. When an organization deploys the VM, the threat actor can manipulate the systems, applications, and user data. What type of VM vulnerability has been enabled?
- VM repository vulnerability
- Hypervisor vulnerability
- Hyperjacking
- VM escape vulnerability
19. Which tool is a set of open-source analysis tools that uses the ClamAV antivirus engine to help detect vulnerabilities, Trojans, backdoors, and malware in Docker images and containers?
- Anchore’s Grype
- Clair
- Dagda
- Falco
20. Which credential harvesting tool could be used to send a spear phishing email with a link to a malicious site to a target victim?
- Social-Engineer Toolkit (SET)
- Searchsploit
- Drozer
- Dagda
21. Why do cloud architectures help minimize the impact of DoS or DDoS attacks compared to hosting services on-premises?
- cloud providers use a distributed architecture
- cloud providers provide sandbox analysis
- cloud providers limit network exposure to the internet
- cloud providers use Intelligent Platform Management Interfaces (IPMI)
22. Which option is a characteristic of a VM hypervisor?
- Type 1 hypervisors are also known as native or bare-metal hypervisors.
- Type 1 hypervisors run on top of other operating systems.
- Type 2 hypervisors include VMware ESXi and Microsoft Hyper-V.
- Type 2 hypervisors run directly on the physical (bare-metal) system.
23. A threat actor has compromised a VM in a data center and discovered a vulnerability that provides access to data in another VM. What type of VM vulnerability has been discovered?
- VM escape vulnerability
- VM repository vulnerability
- Hypervisor vulnerability
- Hyperjacking
24. Which tool can be used to perform on-path attacks in BLE implementations?
- GATTacker
- Social-Engineer Toolkit (SET)
- Nimbostratus
- Dagda
25. Which tool is an open-source container vulnerability scanner that can be used to find vulnerabilities in a Docker image?
- Anchore’s Grype
- GATTacker
- Social-Engineer Toolkit (SET)
- Nimbostratus
Correction on Question 14:
Phase 1 – pairing feature exchange
Phase 2 – short-term key generation
Phase 3 – transport-specific key distribution