CLOUD SECURITY

AAT-II
-Samyuktha Kanugula
21951A6248

1)Analyze the distinctive features, advantages, and limitations of

each IaaS, PaaS and SaaS model service type. Provide real-world
examples of applications or industries that benefit most from each
service model.
Service Model Features Advantages Limitations Examples/Industries

Provides
virtualized Requires
High flexibility, AWS EC2, Microsoft
Infrastructure computing technical
control over Azure, Google Compute
as a Service resources over expertise for
infrastructure, Engine. Industries:
(IaaS) the internet setup and
scalability. Finance, e-commerce.
(servers, storage, management.
networking).

Offers a platform
Simplifies app
to develop, run, Less control Heroku, Google App
development,
Platform as a and manage over the Engine. Industries:
automatic
Service (PaaS) applications underlying Software development,
updates,
without handling infrastructure. startups.
scalable.
the infrastructure.

Microsoft 365,
Provides access to Easy to use, Limited
Salesforce, Google
Software as a software cost-effective, customization,
Workspace. Industries:
Service (SaaS) applications over no need for dependency on
Education, healthcare,
the internet. maintenance. the provider.
HR.

2)Investigate emerging service models such as Function as a Service

(FaaS), Container as a Service (CaaS), or Database as a Service
(DBaaS).Function as a Service (FaaS):
o Executes small code functions in response to events without managing servers.
 o Example: AWS Lambda, Azure Functions.
o Benefit: Cost-effective for event-driven applications.
 Container as a Service (CaaS):
o Provides a platform to manage and deploy containers.
o Example: Docker Swarm, Kubernetes.
o Benefit: Simplifies container orchestration.
 Database as a Service (DBaaS):
o Manages databases in the cloud, handling setup, maintenance, and scaling.
o Example: Amazon RDS, Google Cloud SQL.
o Benefit: Reduces database management overhead.

3)Propose preventive measures and strategies to detect and

mitigate similar threats posed by insider attacks.
Preventive Measures:
o Implement strict access control policies (least privilege).
o Use multi-factor authentication (MFA).
o Conduct background checks and regular employee vetting.
 Detection Strategies:
o Monitor for unusual behavior using User Behavior Analytics (UBA).
o Deploy Data Loss Prevention (DLP) tools to track sensitive data movement.
 Mitigation:
o Establish clear incident response protocols.
o Regularly train staff on security awareness.
o Use audit logs for forensic investigations.

4)How can organizations implement protocols or procedures to

minimize the impact of human error in network management?
Standardized Procedures: Develop and enforce clear policies for network changes.
 Automation: Use automation tools for routine tasks to reduce manual errors.
  Training and Certification: Ensure staff are well-trained in network management.
 Change Management: Implement change control processes to track and approve
modifications.
 Monitoring and Alerts: Use network monitoring tools to detect and alert on
anomalies.

5)Discuss how vulnerabilities within Kubernetes can affect the

security posture of cloud-native applications and shared
infrastructure.
Vulnerabilities:
o Misconfigured access controls (role-based access control - RBAC).
o Insecure API endpoints.
o Container escape vulnerabilities.
 Impact:
o Compromise of Containers: Leads to unauthorized access to applications and
data.
o Lateral Movement: Attackers can move across workloads.
o Denial of Service (DoS): Overloading cluster resources.
Mitigation: Apply security patches, use network policies, and restrict pod permissions.

6)Explain how a wrapping attack occurs, detailing its methodology

and the vulnerabilities it exploits in cryptographic systems or APIs.
A wrapping attack involves manipulating encrypted data by wrapping it in another layer of
encryption.
 Methodology:
1. The attacker intercepts encrypted data.
2. They re-encrypt it with a different key (wrapping) and send it back to the
target system.
3. The system decrypts the outer layer, believing the inner data is legitimate.
 Exploited Vulnerabilities:
o Weak API authentication mechanisms.
 o Poor validation of encryption layers.

Mitigation: Implement strong API authentication, validate input data, and use encryption
best practices.

7)Analyze the core components of cloud security, including

authentication, encryption, access control, and incident response,
highlighting their significance in ensuring robust security in cloud
computing.
Authentication: Verifies user identity (MFA, biometrics).
 Encryption: Protects data in transit and at rest (TLS, AES).
 Access Control: Limits access based on roles and policies (RBAC, ABAC).
 Incident Response: Defines procedures for detecting, responding to, and recovering
from security incidents.

8)Discuss factors such as data encryption, identity and access

management (IAM), compliance, network security, and incident
response within cloud environments.
Data Encryption: Essential for protecting sensitive data.
 Identity and Access Management (IAM): Ensures only authorized users have access.
 Compliance: Adhering to regulations (GDPR, HIPAA).
 Network Security: Using firewalls, VPNs, and IDS/IPS systems.
 Incident Response: Rapid detection and response to threats.

9)Develop a sound strategy that encompasses preventive measures,

detection mechanisms, and incident response protocols to
safeguard these assets in the cloud environment.
Prevention:
o Apply security patches.
o Implement zero-trust architecture.
 Detection:
 o Use Security Information and Event Management (SIEM) tools.
o Monitor logs and use anomaly detection systems.
 Response:
o Develop an incident response plan.
o Conduct regular drills and simulations.

10)Discuss the importance of real-time monitoring, threat

intelligence, and auditing in maintaining the security posture of
corporate assets.
Real-Time Monitoring: Provides immediate alerts on suspicious activities (e.g.,
intrusion detection).
 Threat Intelligence: Offers insights into emerging threats to improve defenses.
 Auditing: Tracks user activity and changes to systems for accountability and
compliance.