Scribd
Upload
2K views4 pages

NPTEL CC Assignment6

This document contains a 10 question multiple choice quiz about cloud computing concepts and security. The questions cover topics like cloud security threats, types of attacks, intrusion detection systems, recovery time objectives, inheritance conflicts, hypervisor risks, fault tolerance, and tools used in Amazon EC2. For each question, the correct answer and a brief explanation is provided.

Uploaded by

Paul Stark
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
2K views4 pages

NPTEL CC Assignment6

This document contains a 10 question multiple choice quiz about cloud computing concepts and security. The questions cover topics like cloud security threats, types of attacks, intrusion detection systems, recovery time objectives, inheritance conflicts, hypervisor risks, fault tolerance, and tools used in Amazon EC2. For each question, the correct answer and a brief explanation is provided.

Uploaded by

Paul Stark
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

​ NPTEL Online Certification Courses

​ Indian Institute of Technology Kharagpur

Cloud Computing
Assignment-Week 6
TYPE OF QUESTION: MCQ/MSQ
Number of questions: 10 Total mark: 10 X 1 = 10

QUESTION 1:
Modification threat on cloud security is an example of:
A. Deception
B. Disclosure
C. Disruption
D. Usurpation

Correct Option: A, C, D
Detailed Answer: Modification results in deception, disruption, and usurpation.

QUESTION 2:
Which of the following is/are example(s) of passive attack?
A. Replay
B. Denial of service
C. Traffic analysis
D. Masquerade

Correct Option: C
Detailed Answer: Traffic analysis is an example of passive attack.

QUESTION 3:
Interception is an attack on integrity
A. TRUE
B. FALSE

Correct Option: B
Detailed Answer: Interception is an attack on confidentiality.
​ NPTEL Online Certification Courses

​ Indian Institute of Technology Kharagpur

QUESTION 4:
Statement I: Intrusion Detection System (IDS) scans the incoming messages, and creates alerts
when suspected scans/attacks are in progress.
Statement II: Authentication is the identification of legitimate users.

A. Statement I is TRUE and statement II is FALSE.


B. Statement I is FALSE and statement II is TRUE.
C. Both statements are TRUE.
D. Both statements are FALSE.

Correct Option: C
Detailed Answer: Statement I is correct (Refer slide 24 of Cloud Security-I). Authentication is the
identification of legitimate users.

QUESTION 5:

1. Injection attack (a) Attacker sending huge amounts of requests to a


certain service and causing denial of service.

2. Flooding (b) Browser-based security issues.

3. Metadata (WSDL) spoofing attack (c) Introduce malicious code to change the course of
execution.

(d) Malicious reengineering of Web Services’


metadata description.

A. 1-(a), 2-(b), 3-(d)


B. 1-(c), 2-(a), 3-(d)
C. 1-(b), 2-(c), 3-(d)
D. 1-(a), 2-(c), 3-(d)

Correct Option: B
Detailed Answer: The following are web service based attacks. Refer to slide 23 of Cloud
Security-II.
​ NPTEL Online Certification Courses

​ Indian Institute of Technology Kharagpur

QUESTION 6:
Recovery Time Objective (RTO) represents the period of time allowed for the complete execution
of the task.
A. TRUE
B. FALSE

Correct Option: B
Detailed Answer: Recovery Time Objective (RTO) represents the period of time allowed for
recovery i.e., the time that is allowed to elapse between the disaster and the activation of the
secondary site.

QUESTION 7:
The correct statement(s) for necessary and sufficient conditions for the detection of inheritance
conflict is/are:
A. Sufficient condition: current entry role and at least one exit role forms conflicting pair
B. Sufficient condition: current entry role is senior to at least one exit role
C. Necessary condition: current entry role is senior to at least one exit role
D. Necessary condition: at least one exit role

Correct Option: B, D
Detailed Answer: Refer necessary and sufficient conditions for the detection of inheritance
conflict Page-26 of Cloud Security-IV

QUESTION 8:
Which of the following is/are hypervisor risks associated with VM escape?
A. Vulnerable virtual machine applications like Vmchat, VMftp, Vmcat etc.
B. Rogue hypervisor that hides itself from normal malware detection systems
C. Improper configuration of VM
D. Rogue hypervisor that creates a covert channel to dump unauthorized code

Correct Option: A, C
Detailed Answer: Hypervisor risks associated with VM escape consist of improper configuration
of VM that allows malicious code to completely bypass the virtual environment, and obtain full root
or kernel access to the physical host. Also, risks are associated with vulnerable virtual machine
applications like Vmchat, VMftp, Vmcat etc.
​ NPTEL Online Certification Courses

​ Indian Institute of Technology Kharagpur

QUESTION 9:
In fault tolerance, replication is the duplication of critical components of a system with the intention
of increasing reliability of the system, usually in the case of a backup or fail-safe.
A. TRUE
B. FALSE

Correct Option: B
Detailed Answer: In fault tolerance, replication is mirroring/sharing data over disks which are
located in separate physical locations to maintain consistency.

QUESTION 10:
Which of the following Open-source tools is/are used for retrieving web pages in Amazon EC2
platform?

A. wget
B. hping
C. ifconfig
D. nmap

Correct Option: A
Detailed Answer: Wget is a tool to probe ports by retrieving web pages in EC2.

You might also like