Scribd
Upload
17 views16 pages

Course 2 Cybersecurity in The Cloud Assignment Answers

The document contains assignment answers for a Coursera course on Cybersecurity in the Cloud, focusing on a ransomware attack linked to Kaseya VSA (CVE-2021-30116) and its impact on various organizations. It includes details about the data breach, affected customers, and links to reports on the vulnerabilities involved. Additionally, it provides information on Amazon's cloud services, including product descriptions and access control measures.

Uploaded by

Shreya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
17 views16 pages

Course 2 Cybersecurity in The Cloud Assignment Answers

The document contains assignment answers for a Coursera course on Cybersecurity in the Cloud, focusing on a ransomware attack linked to Kaseya VSA (CVE-2021-30116) and its impact on various organizations. It includes details about the data breach, affected customers, and links to reports on the vulnerabilities involved. Additionally, it provides information on Amazon's cloud services, including product descriptions and access control measures.

Uploaded by

Shreya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

Coursera

Cybersecurity in the Cloud Course 2 Assignment Answers

Learning Updates Free File


Coursera Cybersecurity in the Cloud
Week 2.2 Peer-Graded Assignment Answers
100% Correct Answers

Project Title* RANSOMWARE - CVE-2021-30116

PROMPT

Briefly describe the data breach, including who or what organization


was breached, when the breach occurred, and the types of
information involved. Include the locations of affected sites if that
information is available. (Min. 30 words)
Ans.
Based on some known vulnerabilities - a ransomware attack was
performed with a full encryption of Kaseya VSA (VSA = Virtual System
Administrator) - agents. Kaseya is a MSP that runs with
administrative privileges; thus when a breach occurs within an agent,
it would affect all its linked services/servers. CVS vulnerability score
is 10.

PROMPT

Provide a link to an online report on the data breach that contains all
the information listed in the description.

Ans.
1|Page
Course 2: Cloud Data Security
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30116

PROMPT

Provide a numerical estimate for the size of the loss, and the units
used in that estimate. The units may be, for example: customers,
records, financial impact, hours the system was down, or any other
that reflect damage to the enterprise.

Ans.
Kaseya initial disclosed that only 50 out of 35000 customers were
affected. However, most of the infected customers were in the
Supply Chain which it is a conduit for propagation. For Example:
[from a more transparent report: Coop [a supermarket chain in
Sweden] all of their POS were affected] = 20% of Sweden food retail;
Apotek Hjartat - Pharmacy chain could not have their POS
functioning; SJ the Sweden rail operator could not have their POS
operating. The Blog from the attacker says that it has compromised
more than 1 million systems.

PROMPT

Provide a link to an online report on the data breach that contains all
the information listed in the description.

Ans.
https://csirt.divd.nl/cves/CVE-2021-30116/

2|Page
Course 2: Cloud Data Security
PROMPT

What vulnerability has been blamed for the breach? Identify it in


terms of its CVE number.

Ans.
CVE-2021-30116 = This vulnerability was first discovered in 2015 -
The vulnerabilities that are part of this CVE are: CVE-2021-30117 -
SQL Injection; CVE-2021-30118 - Remote Code Execution; CVE-2021-
30119 - Cross Site scripting; CVE-2021-30120 -2FA bypass; CVE-2021-
30221 - Local File inclusion; CVE-2021-30201 - XML external entry.

PROMPT

Provide a link to an online report on the data breach that identifies a


vulnerability responsible for it by CVE number.

Ans.
https://csirt.divd.nl/cases/DIVD-2021-00011/

PROMPT

What is the CVSS 3.0 base score for this vulnerability?

Ans.
HIGH

3|Page
Course 2: Cloud Data Security
PROMPT

Provide the URL for the NVD entry belonging to this CVE.

Ans.
https://nvd.nist.gov/vuln/detail/CVE-2021-30116

4|Page
Course 2: Cloud Data Security
Coursera Cybersecurity in the Cloud
Week 3 Peer-Graded Assignment Answers
100% Correct Answers

Project Title* Amazon Survey

PROMPT

Identify the cloud service vendor by name


Ans.
Amazon

PROMPT

Provide one or more URLs for pages that summarize the provider's
data service offerings. The pages should identify the brand names
associated with the data services and include brief descriptions of
the services.

Ans.
https://aws.amazon.com/products/databases/?hp=tile&so-
exp=below/#Database_services

5|Page
Course 2: Cloud Data Security
PROMPT

Product 1: Vendor’s product name


Ans.
Amazon Aurora

PROMPT

Product 1: URL describing the data service


Ans.
https://aws.amazon.com/rds/aurora/?c=db&sec=srv&aurora-whats-
new.sort-by=item.additionalFields.postDateTime&aurora-whats-
new.sort-order=desc

PROMPT

Product 1: Brief description of the service in your own words.


Ans.
Aurora is a MySQL and Postgre compatible relational database and
combines the performance, availability and cost-effectiveness in a
cloud environment.

PROMPT

Product 1: Which of the “big six” data services described in this


module most closely matches this service?
6|Page
Course 2: Cloud Data Security
Ans.
Relational Data

PROMPT

Product 1: What is the largest resource to which the cloud service


can apply access control? Include a URL to cite the information
source
Ans.
Using AWS Identity and Access Management, you can tag your
resources and control actions taken on groups of resources with the
same tag.
URL: https://aws.amazon.com/rds/aurora/mysql-
features/#Highly_Secure

PROMPT

Product 1: What is the smallest resource to which the cloud service


can apply access control? Include a URL to cite the information
source
Ans.
DB Instances, Snapshots, Parameter groups, event subscriptions and
option groups.
URL: https://aws.amazon.com/rds/aurora/mysql-
features/#Highly_Secure

7|Page
Course 2: Cloud Data Security
PROMPT

Product 1: What is the largest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
Ans.
Database Instance.
URL: https://aws.amazon.com/rds/aurora/mysql-
features/#Highly_Secure

PROMPT

Product 1: What is the smallest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
Ans.
Data stored at rest.
URL: https://aws.amazon.com/rds/aurora/mysql-
features/#Highly_Secure

PROMPT

Product 2: Vendor’s product name


Ans.
Amazon DynamoDB

8|Page
Course 2: Cloud Data Security
PROMPT

Product 2: URL describing the data service


Ans.
https://aws.amazon.com/dynamodb/features/#Serverless

PROMPT

Product 2: Brief description of the service in your own words.


Ans.
DynamoDB is a NoSQL database that supports key-value and
document data model. It is designed to high-performance
applications that traditional relational databases would be
overburden.

PROMPT

Product 2: Which of the “big six” data services described in this


module most closely matches this service?
Ans.
Key-Value Documents

PROMPT

9|Page
Course 2: Cloud Data Security
Product 2: What is the largest resource to which the cloud service
can apply access control? Include a URL to cite the information
source
Ans.
Amazon Elastic Compute Cloud Instance.
URL:
https://docs.aws.amazon.com/amazondynamodb/latest/developerg
uide/authentication-and-access-control.html

PROMPT

Product 2: What is the smallest resource to which the cloud service


can apply access control? Include a URL to cite the information
source
Ans.
DynamoDB Table.
URL:
https://docs.aws.amazon.com/amazondynamodb/latest/developerg
uide/authentication-and-access-control.html

PROMPT

Product 2: What is the largest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
Ans.
All user data stored in DynamoDB.
10 | P a g e
Course 2: Cloud Data Security
URL:
https://docs.aws.amazon.com/amazondynamodb/latest/developerg
uide/EncryptionAtRest.html

PROMPT

Product 2: What is the smallest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
Ans.
Tables.
https://docs.aws.amazon.com/amazondynamodb/latest/developerg
uide/EncryptionAtRest.html

PROMPT

Product 3: Vendor’s product name


Ans.
Amazon Simple Storage Service (S3)

PROMPT

Product 3: URL describing the data service


Ans.
https://aws.amazon.com/s3/

11 | P a g e
Course 2: Cloud Data Security
PROMPT

Product 3: Brief description of the service in your own words.


Ans.
Object storage service. It can be used in a variety of cases such as
data lakes, cloud-native app and mobile apps.

PROMPT

Product 3: Which of the “big six” data services described in this


module most closely matches this service?
Ans.
Bucket Storage

PROMPT

Product 3: What is the largest resource to which the cloud service


can apply access control? Include a URL to cite the information
source
Ans.
A resource (AKA Bucket or object).
URL:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-
control-overview.html

12 | P a g e
Course 2: Cloud Data Security
PROMPT

Product 3: What is the smallest resource to which the cloud service


can apply access control? Include a URL to cite the information
source
Ans.
A user.
URL:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-
control-overview.html

PROMPT

Product 3: What is the largest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
Ans.
Encryption for all data before being saved in the cloud.
URL:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKM
SEncryptioin.html

PROMPT

Product 3: What is the smallest resource to which the cloud service


can apply encryption? Include a URL to cite the information source
13 | P a g e
Course 2: Cloud Data Security
Ans.
Encryption for data based on context.
URL:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKM
SEncryptioin.html

14 | P a g e
Course 2: Cloud Data Security
If You Liked the Effort then Hit ‘Subscribe’ for
more Interesting Videos!

YouTube Channel Link: https://www.youtube.com/channel/UCKXtnMcSrAid34MSjxW17gQ/

Telegram Channel Link: https://t.me/learning_updates

Thank You for Trusting Us!


@LearningUpdates

15 | P a g e
Course 2: Cloud Data Security

You might also like