Cloud-Technology-Lab-(C90-03A).pdf - SOA C90-03A Cloud...

This preview shows page 1 - 3 out of 8 pages.

C90-03A SOA Cloud Technology Lab
and encounter a variety of exceptions. A subsequent investigation of the log files generated by Pay-For-Use Monitor A reveals that the three server crashes coincided with the usage periods of Ready-Made Er n'ronment B b> Cloud Service Consumer B. De 'elopers at the Cloud Consumer 3 organization confirm they did not actually log in during those periods, which leads Cloud Provider X to discover that another cloud service consumer has been posing as Cloud Service Consumer B in order to maliciously access Ready-Made Environment B, Virtual Server B, and Physical Server B on Cloud X. The investigation concludes that the malicious cloud service consumer was able to carry out the attack successfully by obtaining a weak password being used by developers from Cloud Consumer B. Which of the following statements accurately identifies the type of security threat that corresponds to the described attack - and -provides a solution that can directly mitigate this type of security threat within Cloud X? A. Ready-Made Environment B. Virtual Server B and Physical Server B were subjected to a weak authentication attack that can be mitigated by implementing the encryption and digital signature mechanisms. B. Ready-Made Environment B. Virtual Server B and Physical Server B were subjected to a malicious intermediary attack that can be mitigated by implementing the cloud-based security groups and hardened virtual server images mechanisms. C. Ready-Made Environment B, Virtual Server B and Physical Server B were subjected to a virtualization attack that can be mitigated by implementing the encryption and digital signature mechanisms. D. Ready-Made Environments, Virtual Server B and Physical Server B were subjected to an attack that succeeded due to overlapping trust boundaries. This type of attack can be mitigated by implementing the single sign-on mechanism. Answer: A QUESTION: 19 Cloud Provider X has deployed a virtualization environment in Cloud X comprised of Physical Server A hosting Virtual Servers A and B. Cloud Provider X implements Cloud Service A on Virtual Server A and makes it available to Cloud Service Consumer A, which interacts with Cloud Service A by sending and receiving messages (1, 2). Cloud Provider Y has deployed a virtualization environment comprised of Physical Server B hosting Virtual Servers C and D. Virtual Server C is made available to Cloud Service Consumer B, which interacts with Virtual Server C (3,4) in order to prepare for the deployment of a new cloud service that will be used internally by Cloud Provider Y to process data obtained from Cloud Service A.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture