What is PaaS?
PaaS stands for Platform-as-a-Service. This type of cloud computing service allows for the development of applications and services. Subscribers need not buy and manage the software and infrastructure underneath it but have authority over deployed applications and perhaps application hosting environment configurations. This offers development tools, configuration management, and deployment platforms on-demand, which can be used by subscribers to develop custom applications (e.g., Google App Engine, Salesforce, Microsoft Azure). Advantages of writing applications in the PaaS environment include dynamic scalability, automated backups, and other platform services, without the need to explicitly code for them.
What is IaaS?
IaaS stands for Infrastructure-as-a-Service. This cloud computing service enables subscribers to use on-demand fundamental IT resources, such as computing power, virtualization, data storage, and network. This service provides virtual machines and other abstracted hardware and operating systems (OSs), which may be controlled through a service application programming interface (API). As cloud service providers are responsible for managing the underlying cloud computing infrastructure, subscribers can avoid costs of human capital, hardware, and others (e.g., Amazon EC2, GoGrid, Microsoft OneDrive, Rackspace).
Which of the following cloud broker services improves a given function by a specific capability and provides value-added services to cloud consumers?
- Service intermediation
- Distributed storage
- Service arbitrage
- Service aggregation
Service Intermediation
Which of the following is the layer in the cloud storage architecture that performs several functions such as data de-duplication and data replication?
- Front-end layer
- Back-end layer
- Application layer
- Middleware layer
Middleware Layer
In cloud-storage, what is the front-end layer?
The front-end layer is accessed by the end user where it provides APIs for the management of data storage.
In cloud-storage, what is the back-end layer?
The back-end layer is where the storage hardware resides.
In cloud-storage, what is the middleware layer?
The middleware layer performs several functions such as data de-duplication and replication of data to the backend.
Which of the following actors in the NIST cloud deployment reference architecture acts as an intermediary for providing connectivity and transport services between cloud consumers and providers?
- Cloud carrier
- Cloud consumer
- Cloud provider
- Cloud auditor
Cloud carrier
What is a private cloud?
A private cloud, also known as internal or corporate cloud, is a cloud infrastructure that a single organization operates solely. The organization can implement the private cloud within a corporate firewall. Organizations deploy private cloud infrastructures to retain full control over corporate data. Note that this means that someone operating their own Office 365 domain is using a private cloud.
What is a community cloud?
A Community Cloud is a multi-tenant infrastructure shared among organizations from a specific community with common computing concerns such as security, regulatory compliance, performance requirements, and jurisdiction.
Which of the following three service models are the standard cloud service models?
- SaaS, IaaS, and hybrid
- Private, public, and community
- XaaS, private, and public
- SaaS, PaaS, and IaaS
SaaS, PaaS and IaaS
Which of the following is not a characteristic of virtualization in cloud computing technology?
- Isolation
- Storage
- Encapsulation
- Partitioning
Storage is not a characteristic of virtualization in cloud computing as it is its own virtualization (virtualizing storage hardware). Isolation, Encapsulation and Partitionining are the three characteristics of virtualization.
What is XaaS?
XaaS is shorthand for anything as a service, used to reference the general computing turn towards turning everything into a service.
What are the four tiers of container technology architecture?
- Tier 1: Developer Machines - Image Creation, Testing and Accreditation
- Tier 2: Testing and Accreditation Systems - Verification and Validation of Image Contents, Signing Images and Sending to Registries
- Tier 3: Registries - Storing Images and Disseminating Images to Orchestrators for Distribution
- Tier 4: Orchestrators - Transforming Images into Containers and deploying containers to hosts
- Tier 5: Host - Actual Execution of Container (don’t ask why it’s 5)
In containers, what are the IPAM drivers?
IP address management (IPAM) drivers assign default subnet and IP addresses to the endpoints and networks if they are not assigned.
In containers, what is the sandbox?
Sandbox comprises the container network stack configuration for the management of container interfaces, routing tables, and domain name system (DNS) settings. Aka high level shit.
In containers, what is the endpoint?
To maintain application portability, an endpoint is connected to a network and is abstracted away from the application, so that services can implement different network drivers. In easier terms, the endpoint does the network operations so the container can use a different driver.
Which of the following is a docker remote driver that is a network plugin used to build a virtual network for connecting docker containers spread across multiple clouds?
- Weave
- Kuryr
- MACVLAN
- Contiv
Weave
Which of the following is the docker native network driver that implements its own networking stack and is isolated completely from the host networking stack?
- Overlay
- Host
- MACVLAN
- None
None
Which of the following node components of the Kubernetes cluster architecture is an important service agent that runs on each node and ensures that containers run in a pod?
- Container runtime
- Kubelet
- Kube-proxy
- Etcd cluster
Kubelet
In one of the following OWASP cloud security risks, unsecured data in transit are susceptible to eavesdropping and interception attacks. Which is this risk?
- Incident analysis and forensic support
- Service and data integration
- Business continuity and resiliency
- Multi tenancy and physical security
Service and Data integration
Through which of the following Kubernetes vulnerabilities can an attacker exploit the kube-apiserver with the disabled debug mode to directly interact with it and perform various malicious activities?
- No back-off process for scheduling
- Exposed bearer tokens in logs
- Log rotation is not atomic
- No non-repudiation
No non-repudiation. If debug mode is disabled, kube-apiserver does not record user actions. Kube-apiserver performs all user transactions, such as creation, modification, and deletion, through its handlers without using a central auditing service. Attackers can directly interact with kube-apiserver and perform various malicious activities.
In cloud computing, what is a wrapping attack?
A wrapping attack is performed during the translation of the SOAP message in the TLS layer, where attackers duplicate the body of the message and send it to the server as a legitimate user.
What are cloud hopper attacks?
Cloud Hopper attacks are triggered at the managed service providers (MSPs) and their users. Attackers initiate spear-phishing emails with custom-made malware to compromise the accounts of staff or cloud service firms to obtain confidential information.
-
Introduction to Ethical Hacking37
-
Footprinting and Reconnaissance20
-
Scanning Networks34
-
Enumeration40
-
Vulnerability Assessment28
-
System Hacking15
-
Malware Threats58
-
Sniffing30
-
Social Engineering16
-
Denial-of-Service22
-
Session Hijacking9
-
Evading IDS, Firewalls, and Honeypots40
-
Hacking Web Servers17
-
Hacking Web Applications20
-
SQL Injection20
-
Hacking Wireless Networks54
-
Hacking Mobile Platforms20
-
IoT and OT Hacking33
-
Cloud Computing44
-
Cryptography39
-
Exam Questions - Misc46
-
Exam Questions - Misc 235
