Ethical Hacker CH14
Which of the following cloud security controls includes backups, space availability, and continuity of services?
Computation and storage
Which of the following is the best defense against cloud account and service traffic hijacking?
Find and fix software flaws continuously, use strong passwords, and use encryption.
Which of the following has five layers of structure that include Edge technology, Access gateway, Internet, Middleware, and Application?
IoT architecture
Anabel purchased a smart speaker. She connected it to all the smart devices in her home. Which of the following communication models is she using?
Device-to-device
What are the four primary systems of IoT technology?
Devices, gateway, data storage, and remote control
Which of the following is the correct order for a hacker to launch an attack?
Information gathering, vulnerability scanning, launch attack, gain remote access, maintain access
Which of the following attacks utilizes encryption to deny a user access to a device?
Ransomware attack
Which of the following best describes a cybersquatting cloud computing attack?
The hacker uses phishing scams by making a domain name that is almost the same as the cloud service provider.
You are using BlazeMeter to test cloud security. Which of the following best describes BlazeMeter?
An end-to-end performance and load testing tool that can simulate up to 1 million users and makes realistic load tests easier.
Which of the following is a short-range wireless personal area network that supports low-power, long-use IoT needs?
BLE
Joelle, an app developer, created an app using two-factor authentication (2FA) and requires strong user passwords. Which of the following IoT security challenges is she trying to overcome?
Default, weak, and hardcoded credentials
Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?
Delivers everything a developer needs to build an application on the cloud infrastructure.
You are employed by a small start-up company. The company is in a small office and has several remote employees. You must find a business service that will accommodate the current size of the company and scale up as the company grows. The service needs to provide adequate storage as well as additional computing power. Which of the following cloud service models should you use?
IaaS
YuJin drove his smart car to the beach to fly his drone in search of ocean animal activity. Which of the following operation systems are most likely being used by his car and drone?
Integrity RTOS and snappy
Strict supply chain management, comprehensive supplier assessment, HR resource requirements, transparent information security and management, compliance reporting, and a security breach notification process are defenses against which of the following cloud computing threats?
Malicious insiders
A company has implemented the following defenses: The data center is located in safe geographical area. Backups are in different locations. Mitigation measures are in place. A disaster recovery plan is in place. Which of the following cloud computing threats has the customer implemented countermeasures against?
Natural disasters
Google Cloud, Amazon Web Services, and Microsoft Azure are some of the most widely used cloud storage solutions for enterprises. Which of the following factors prompts companies to take advantage of cloud storage?
Need to bring costs down and growing demand for storage.
Which of the following is a nonprofit organization that provides tools and resources for web app security and is made up of software developers, engineers, and freelancers?
OWASP
A company has subscribed to a cloud service that offers cloud applications and storage space. Through acquisition, the number of company employees quickly doubled. The cloud service vendor was able to add cloud services for these additional employees without requiring hardware changes. Which of the following cloud concepts does this represent?
Rapid elasticity
Which of the following cloud computing service models delivers software applications to a client either over the Internet or on a local area network?
SaaS
If an attacker's intent is to discover and then use sensitive data like passwords, session cookies, and other security configurations such as UDDI, SOAP, and WSDL, which of the following cloud computing attacks is he using?
Service hijacking through network sniffing.
You are using software as a service (SaaS) in your office. Who is responsible for the security of the data stored in the cloud?
The provider is responsible for all the security.
During a penetration test, Omar found unpredicted responses from an application. Which of the following tools was he most likely using while assessing the network?
beSTORM
