Question

A security consultant is conducting a penetration test against a customer's Enterprise that comprises localhost and...

A security consultant is conducting a penetration test against a customer's Enterprise that comprises localhost and cloud-based servers. The hosting service employs a multi-tenancy model with elastic provisioning to meet customer demand. The customer runs multiple virtualized servers on each provision Cloud host the security consultant is able to obtain multiple sets of administrator credentials without penetrating the customer Network. Which of the following is the most likely risk the tester exploited?

  1. Data-at-rest encryption Miss configuration and repeat key usage

  2. offline attacks against the cloud security broker service

  3. the ability to scrape data remnants in a multi-tenancy environment

  4. VM Escape attack against a customer Network hypervisor

Homework Answers

Answer #1

Q:- A security consultant is conducting a penetration test against a customer's Enterprise that comprises localhost and cloud-based servers. The hosting service employs a multi-tenancy model with elastic provisioning to meet customer demand. The customer runs multiple virtualized servers on each provision Cloud host the security consultant is able to obtain multiple sets of administrator credentials without penetrating the customer Network. Which of the following is the most likely risk the tester exploited?

  • Data-at-rest encryption Miss configuration and repeat key usage
  • offline attacks against the cloud security broker service
  • the ability to scrape data remnants in a multi-tenancy environment
  • VM Escape attack against a customer Network hypervisor

Answer:-----

VM Escape attack against a customer Network hypervisor

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions