Attacking the Cloud

Question 1

Most of the time, what is to blame for successful cloud attacks?

Answer 1

Compromised API-based credential material

Question 2

What is the primary attack vector for cloud environments?

Answer 2

Credential harvesting

Question 3

What is federated authenication?

Answer 3

Federated authentication is when organizational authentication uses Security Assertion Markup Language (SAML) to create an authentication token, which is then fed to a cloud service.

Question 4

What is a common Python tool that can be used to identify cloud resources, identify misconfigurations, and more in AWS? It can be used to conduct reconnaissance, privilege escalation, lateral movement, exploitation, and evasion in the cloud.

Answer 4

Pacu, developed by Rhino Security Labs

Question 5

AWS user keys typically begin with ______ and services begin with ________.

Answer 5

AKIA, ASIA. When you see AKIA, it is a long-term credential and ASIA is a short-term credential

Question 6

What term is used to describe someone gaining pervasive access to an account?

Answer 6

Account takeover

Question 7

What is an example of a cloud-specific tool used for password spraying?

Answer 7

Microsoft Online MSOLSpray

Question 8

What is an example of a best-practice to ensure administrators only give people the permission they need to do their job while still being able to update permissions across all job holders should the requirement for the job change?

Answer 8

Rule-Based Access Control (RBAC)

Question 9

What is a Python tool that can audit accounts in AWS, Azure, Google Cloud, Alibaba, and Oracle Cloud, gathering configuration data and highlighting potential risk areas for manual inspection?

Answer 9

Scout Suite

Question 10

What is one of the most-abused cloud components?

Answer 10

Object Storage

Question 11

What is an open-source tool that uses YAML policy files for auditing and enforcing cloud configuration policies in multiple cloud environments such as Azure, AWS, and Google Cloud?

Answer 11

CloudCustodian

Question 12

What is a multi-cloud tool that helps identify target infrastructure, files, and applications using wordlists, domains, and common cloud naming conventions?

Answer 12

CloudBrute

Question 13

What kind of cloud attack takes up bandwidth or connections to a target to create a DOS?

Answer 13

Volumetric DDoS

Question 14

If the real IP address of a back-end server is revealed, attackers can bypass protections and attack IP addresses directly. What kind of attack is this called?

Answer 14

Direct-to-origin

Question 15

Since the CPUs in cloud-hosted environments are the same and hardware can be shared across multiple customers, what kind of attack takes advantages of weaknesses in hardware to capture information from other instances?

Answer 15

Side-channel Attack

Question 16

Name some tools that can be used for Infrastructure as Code.

Answer 16

Chef, Puppet, Ansible, SaltStack, Terraform, CloudFormation, Packer, Vagrant, Docker, Kubernetes

Question 17

What concept allows organizations to programmatically define how to build instances and architectures in the cloud so that they can be consistent, scalable, reusable, and well-defined?

Answer 17

Infrastructure as Code (IaS)