CEHv11 Exam Question


Q.01
Robert wants to implement Identity and Access Management (IAM) in the cloud environment to manage digital
identities of users and their rights to access cloud resources.
Which unit of standard enterprise IAM architecture allows activating operating governance and supervising the process
for determining that an entity is who or what it claims to be?

A. User management
B. Authentication management
C. Authorization management
D. Access management

Q.02
Your organization has developed a CRM application to manage its clientele across the world. You have offices and
customer support executives located in different parts of the world. You need to host your CRM application on a cloud
so that all your customer support executives can access the CRM application from their geographical locations. The
organization has limited resources and does not want to invest resources in purchasing server operating systems,
required software, and hardware. It also does not want to invest resources to manage the security controls on the cloud,
such as patching and updating of operating systems, malware scanning, etc. Which of the following cloud service models
meets the requirements above?

A. SaaS
B. PaaS
C. IaaS
D. SECaaS

Q.03
During session hijacking penetration testing on the organization's network, the organization came to know that the
network is vulnerable to session hijacking because it uses the Telnet and rlogin protocols for logon, authentication, and data
transmission.
Which of the following preventive measures does the organization need to implement to protect its network from
session hijacking attacks?

A. Use OpenSSH or SSH (Secure Shell)
B. Enable compression mechanism of HTTP requests
C. Increase the life span of a session or a cookie
D. Use PAP (Password Authentication Protocol) for authentication

Q.04
Which of the following markup languages enables SSO delegation and risk-based authentication in the cloud
environment, specifically preventing phishing and MitM attacks?

A. Security Assertion Markup Language (SAML)
B. Service Provisioning Markup Language (SPML)
C. eXtensible Access Control Markup Language (XACML)
D. Open Authentication (OAuth)

Q.05
Your company has recently received several complaints in which cloud service users reported suspicious activities in their
accounts. The network security team in your company suspects the accounts were victims of session hijacking attacks.
Which of the following network layer security controls will prevent attacks such as session hijacking?

A. DNSSEC
B. DLP
C. IAM
D. HIDS

Q.06
Your company uses cloud services from XSecCloud, Inc. to host its popular online gaming site. The online games are
hosted on three replication mirror servers that serve different parts of the world. The company has subscribed to a
bandwidth of 100 Mbps. The users on the site never complained about any slowdown in the service. However, during
the last Christmas holidays, the company received several complaints from the North American region that the games
are not responding. You have been asked to investigate the real cause of the problem and suggest cost-effective
solutions to avoid any such issue in the future. During your investigation, you discover that users are utilizing only 50 Mbps of
the available bandwidth, which signifies that the bandwidth is not appropriately utilized. Of the choices below, what would be
your suggestion to avoid this kind of service slowdown in the future?

A. The CSP should provide broad network access
B. The CSP should provision rapid elasticity
C. The CSP should provision elastic load balancing
D. The CSP should provision dynamic infrastructure scaling

Q.07
Adam, a web server administrator, was browsing his company's site when he unexpectedly noticed a change in the visual
appearance of the site. After initial analysis of the incident, he realized that the web server's security had been
compromised and the attacker had replaced the hosted webpage in the website directory with their own page.
Identify the website attack in the above scenario.

A. Defacement attack
B. Directory traversing attack
C. DoS attack
D. Cross Site Scripting attack

Q.08
Danish has recently completed a professional cloud training sponsored by his organization and wants to implement
cloud technologies in his organization. Danish is new to cloud technology, and before launching the company's
cloud services he decided to create test machines and configurations where he could test the performance of cloud
services. Due to the lack of a cloud/virtualization policy, Danish mistakenly created several machines he was unable to
monitor. Which of the following terms defines the above situation?

A. CloudCracker
B. Cloud sprawl
C. Malicious insider
D. Abuse of cloud services

Q.09
Xsecurity Services wants to roll out its innovative cloud services for SMEs. The company wants to provide its cloud
service with the following characteristics:
- Infrastructure should have dedicated resources for the client
- Infrastructure should store data on an exclusive machine
- Infrastructure should completely control the cloud server
- Infrastructure should have the capability to manage increased resources depending upon the requirements and
the usage of the client
- It should provide security by employing custom firewalls
Which of the following cloud deployment models fulfils the requirements above?

A. Community Cloud
B. Hybrid Cloud
C. Public Cloud
D. Private Cloud

Q.10
A link pops up on a shopping site asking you to click on it. As soon as the link is clicked, you are asked to share the link
on Facebook. A Facebook login screen appears and you log in to your account. Once the credentials are passed, the
Facebook account is hacked.
This is an example of what type of mobile attack?

A. Session Hijacking
B. Clickjacking attack
C. Cross-site Scripting (XSS)
D. SQL injection attacks

Q.11
James wants to prevent reflective DoS attacks from compromising his network. What steps can James take
to prevent these attacks?

A. James will need to block all TCP port 17185 traffic on the firewall
B. James should configure his network devices to recognize SYN source IP addresses that never complete their
connections
C. James needs to block all UDP traffic coming in on port 1001 to prevent future reflective DoS attacks against their
network
D. James should configure his firewall so that it blocks FIN packets that are sent to the broadcast address of the
company’s internal IP range

Q.12
James works as a cloud security professional with XSecurity Consultant. He is performing a security assessment on a
small healthcare provider's cloud network.
James started the penetration test by searching for virtual machines on the client's host network to identify all the
machines, appliances, and services running in the virtual environment.
What will help James discover all the virtual machines on the client's network?

A. Use the ping utility to discover the virtual environments
B. Use the Nmap tool to detect virtual machines
C. Check IP address information on virtual NICs
D. Use the Google search engine to discover the virtual environments

Q.13
CloudSign, a digital certificate authority, recently adopted cloud technology to meet growing business demand.
Within a week of moving to the cloud, CloudSign was targeted with a massive denial-of-service attack. When CloudSign
contacted its cloud service provider, the provider stated that it was not responsible for the attack on the company, based on the existing SLA
between the two parties. Which of the following cloud threats is referred to in the above scenario?

A. Abuse of cloud services
B. Malicious insiders
C. Insufficient due diligence
D. Account hijacking

Q.14
Which of the following approaches to vulnerability assessment is mainly focused on hierarchical, interdependent
vulnerabilities, such as server-based vulnerabilities or device-based vulnerabilities?

A. Product-based assessment solutions
B. Service-based assessment solutions
C. Tree-based assessment
D. Inference-based assessment
