Cloud Security Threats - Common Attack Vectors - MCQ Questions

1. Which of the following is a primary risk of multi-tenancy in cloud computing?

A) Increased storage cost
B) Shared computing resources vulnerability
C) Reduced data redundancy
D) Decreased network speed

✅ Answer: B) Shared computing resources vulnerability
💡 Explanation: In multi-tenant environments, multiple customers share the same infrastructure. If isolation mechanisms fail, an attacker could access another tenant’s data.

2. What type of attack exploits weak API security in cloud services?

A) SQL Injection
B) Man-in-the-Middle (MITM)
C) API Abuse & Credential Stuffing
D) Ransomware

✅ Answer: C) API Abuse & Credential Stuffing
💡 Explanation: Cloud services expose APIs for automation and interaction. Weak authentication and excessive privileges make APIs a prime target for abuse, including credential stuffing and unauthorized access.

3. What is a common risk associated with cloud data storage?

A) Vendor lock-in
B) Data loss and leakage
C) High power consumption
D) Reduced computational power

✅ Answer: B) Data loss and leakage
💡 Explanation: Improper access controls, data misconfigurations, and lack of encryption may lead to data breaches and leaks in cloud storage.

4. Which attack vector involves unauthorized access due to weak or reused passwords?

A) DDoS Attack
B) Account Hijacking
C) Phishing Attack
D) Watering Hole Attack

✅ Answer: B) Account Hijacking
💡 Explanation: Attackers exploit weak or reused passwords to take over accounts, gaining access to sensitive cloud resources.

5. What cloud misconfiguration can lead to public exposure of sensitive data?

A) Over-provisioning resources
B) Lack of resource tagging
C) Improper access control on storage buckets
D) Redundant encryption

✅ Answer: C) Improper access control on storage buckets
💡 Explanation: Misconfigured S3 buckets, Azure Blobs, or Google Storage can leave data exposed to unauthorized users, leading to leaks and breaches.

6. Which attack manipulates DNS settings to redirect cloud traffic to malicious sites?

A) DNS Tunneling
B) DNS Poisoning
C) DNS Amplification
D) DNS Flooding

✅ Answer: B) DNS Poisoning
💡 Explanation: Attackers corrupt DNS resolution, causing users to be redirected to malicious sites where they may enter credentials or download malware.

7. What is the primary risk of Shadow IT in cloud environments?

A) High costs
B) Lack of visibility and control
C) Reduced computational performance
D) Increased encryption complexity

✅ Answer: B) Lack of visibility and control
💡 Explanation: Shadow IT refers to unauthorized cloud applications used without IT approval, leading to security blind spots and unmonitored data exposure.

8. What is the main security concern with weak IAM (Identity and Access Management) policies?

A) Overuse of CPU resources
B) Increased costs
C) Unauthorized access to sensitive data
D) Reduced server uptime

✅ Answer: C) Unauthorized access to sensitive data
💡 Explanation: Weak IAM policies (e.g., excessive permissions, lack of MFA) can allow attackers to escalate privileges and access confidential cloud resources.

9. Which attack exploits unpatched vulnerabilities in virtual machines?

A) Zero-day Attack
B) Cross-Site Scripting (XSS)
C) SQL Injection
D) Clickjacking

✅ Answer: A) Zero-day Attack
💡 Explanation: Attackers exploit unknown vulnerabilities in cloud-hosted virtual machines or containers, gaining unauthorized access before patches are available.

10. Which cloud attack leverages compromised administrator credentials to manipulate infrastructure?

A) Privilege Escalation
B) Insider Threat
C) Hyperjacking
D) Cloud Cryptojacking

✅ Answer: A) Privilege Escalation
💡 Explanation: Attackers escalate privileges by exploiting misconfigured IAM policies or stealing admin credentials to control cloud environments.

11. What cloud attack mines cryptocurrency using hijacked cloud resources?

A) Cryptojacking
B) Cloud Spoofing
C) Packet Sniffing
D) DNS Hijacking

✅ Answer: A) Cryptojacking
💡 Explanation: Attackers deploy malware on cloud servers to illegally mine cryptocurrencies, leading to increased costs and degraded performance.

12. What technique do hackers use to exploit unpatched cloud infrastructure vulnerabilities?

A) Credential Stuffing
B) Exploit Kits
C) SQL Injection
D) Buffer Overflow

✅ Answer: B) Exploit Kits
💡 Explanation: Attackers use automated tools (exploit kits) to scan and exploit known vulnerabilities in unpatched cloud services.

13. What is the impact of an insecure CI/CD pipeline in cloud environments?

A) Slower deployments
B) Increased risk of supply chain attacks
C) Higher cost of cloud storage
D) Poor user experience

✅ Answer: B) Increased risk of supply chain attacks
💡 Explanation: A compromised CI/CD pipeline can lead to code injection attacks, malware deployment, and unauthorized access in cloud-based development.

14. Which cloud security risk is associated with excessive permissions?

A) Insider Threats
B) Social Engineering
C) Least Privilege Violation
D) Network Sniffing

✅ Answer: C) Least Privilege Violation
💡 Explanation: Granting excessive permissions to users or services increases the risk of privilege escalation attacks.

15. What is the best way to prevent cloud service credential theft?

A) Use long passwords
B) Enable Multi-Factor Authentication (MFA)
C) Reduce storage usage
D) Implement container security

✅ Answer: B) Enable Multi-Factor Authentication (MFA)
💡 Explanation: MFA adds an additional authentication layer, making it harder for attackers to use stolen credentials.

16. What is a major risk of a misconfigured cloud firewall?

A) Increased latency
B) Unauthorized inbound/outbound traffic
C) Reduced storage capacity
D) Server over-utilization

✅ Answer: B) Unauthorized inbound/outbound traffic
💡 Explanation: Incorrect firewall rules may expose services, allowing attackers to bypass security controls and access private cloud resources.

17. What is the role of Cloud Security Posture Management (CSPM)?

A) Manage cloud expenses
B) Detect misconfigurations and security risks
C) Improve encryption speed
D) Manage user licenses

✅ Answer: B) Detect misconfigurations and security risks
💡 Explanation: CSPM tools help identify and fix security misconfigurations, unauthorized access, and compliance violations in cloud environments.

18. What attack involves gaining control over a cloud hypervisor?

A) Hyperjacking
B) Clickjacking
C) URL Redirection Attack
D) Ransomware

✅ Answer: A) Hyperjacking
💡 Explanation: Hyperjacking occurs when attackers take control of a hypervisor, allowing them to manipulate virtual machines in a cloud environment.

19. How can organizations protect cloud environments from DDoS attacks?

A) Deploy Web Application Firewalls (WAF)
B) Use default credentials
C) Disable logging
D) Block all traffic

✅ Answer: A) Deploy Web Application Firewalls (WAF)
💡 Explanation: WAFs detect and mitigate DDoS traffic, reducing the impact of volumetric and application-layer attacks.

20. What is the best way to secure cloud backups?

A) Store them in the same region
B) Use encrypted and offsite backups
C) Keep them publicly accessible
D) Reduce backup frequency

✅ Answer: B) Use encrypted and offsite backups
💡 Explanation: Encryption protects backup integrity, and offsite storage ensures availability in case of ransomware or cloud outages.

21. What type of attack exploits an unsecured cloud API by injecting malicious data into API requests?

A) Cross-Site Scripting (XSS)
B) Server-Side Request Forgery (SSRF)
C) Command Injection
D) XML External Entity (XXE)

✅ Answer: D) XML External Entity (XXE)
💡 Explanation: XXE attacks exploit poorly secured APIs that parse XML, allowing attackers to read local files, execute remote code, or conduct denial-of-service attacks.

22. What is the risk of default credentials in cloud services?

A) Easier user onboarding
B) Faster cloud service deployment
C) Increased risk of unauthorized access
D) Better system performance

✅ Answer: C) Increased risk of unauthorized access
💡 Explanation: Many cloud services have default admin credentials. If left unchanged, attackers can easily gain unauthorized access to cloud resources.

23. Which cloud threat involves an attacker redirecting legitimate cloud users to a fake login page to steal credentials?

A) Man-in-the-Middle (MITM)
B) Phishing
C) Credential Stuffing
D) DNS Tunneling

✅ Answer: B) Phishing
💡 Explanation: Phishing attacks trick users into entering credentials on a fake cloud service login page, enabling attackers to hijack accounts.

24. What is a significant risk of using third-party integrations in cloud environments?

A) Increased cloud costs
B) Supply chain attacks
C) Improved application performance
D) Less encryption overhead

✅ Answer: B) Supply chain attacks
💡 Explanation: Attackers exploit third-party software vulnerabilities to inject malware or compromise cloud environments.

25. What cloud attack vector allows attackers to gain control of containerized applications?

A) Container Breakout
B) Cross-Site Request Forgery (CSRF)
C) Clickjacking
D) DNS Amplification

✅ Answer: A) Container Breakout
💡 Explanation: In container breakout attacks, attackers escape from a container’s restricted environment, gaining unauthorized access to the host or other containers.

26. Which cloud attack allows an attacker to execute commands by manipulating query parameters in an API request?

A) SQL Injection
B) Cross-Site Scripting (XSS)
C) Server-Side Request Forgery (SSRF)
D) Insecure Deserialization

✅ Answer: A) SQL Injection
💡 Explanation: SQL Injection attacks occur when API queries are vulnerable to manipulation, allowing attackers to exfiltrate or modify cloud-stored databases.

27. What cloud attack involves injecting unauthorized scripts into a web application that runs in a user’s browser?

A) SQL Injection
B) Cross-Site Scripting (XSS)
C) Server-Side Request Forgery (SSRF)
D) Clickjacking

✅ Answer: B) Cross-Site Scripting (XSS)
💡 Explanation: XSS attacks occur when malicious scripts are injected into cloud-hosted applications, leading to session hijacking, phishing, or data theft.

28. What is a significant risk of unprotected cloud logging services?

A) Increased network traffic
B) Exposure of sensitive log data
C) Decreased application performance
D) Reduced storage capacity

✅ Answer: B) Exposure of sensitive log data
💡 Explanation: If cloud logs contain credentials, API keys, or sensitive data, attackers can harvest valuable information for future attacks.

29. How can attackers exploit weak IAM (Identity and Access Management) configurations?

A) By using social engineering
B) By escalating privileges
C) By deploying ransomware
D) By launching DDoS attacks

✅ Answer: B) By escalating privileges
💡 Explanation: Weak IAM policies (e.g., overly permissive roles, lack of MFA) allow attackers to gain admin privileges and access sensitive cloud data.

30. Which attack involves hackers hijacking an unused subdomain linked to a cloud service?

A) Subdomain Takeover
B) Cross-Site Scripting (XSS)
C) Privilege Escalation
D) DNS Spoofing

✅ Answer: A) Subdomain Takeover
💡 Explanation: Attackers claim an unregistered subdomain to host phishing pages, steal data, or inject malicious scripts.

31. What is the purpose of Cloud Access Security Brokers (CASB)?

A) To enforce security policies on cloud services
B) To improve cloud performance
C) To reduce network latency
D) To block malware in on-premises servers

✅ Answer: A) To enforce security policies on cloud services
💡 Explanation: CASBs monitor and enforce security policies across cloud applications, helping prevent data leaks, access abuse, and API threats.

32. What is a primary concern of storing encryption keys in cloud services?

A) Increased encryption speed
B) Key exposure and unauthorized decryption
C) Reduction in system performance
D) Increased compliance requirements

✅ Answer: B) Key exposure and unauthorized decryption
💡 Explanation: If encryption keys are compromised, attackers can decrypt sensitive cloud-stored data.

33. Which attack tricks cloud users into revealing their multi-factor authentication (MFA) code?

A) Phishing
B) MFA Bypass Attack
C) Man-in-the-Middle (MITM)
D) Credential Stuffing

✅ Answer: B) MFA Bypass Attack
💡 Explanation: Attackers socially engineer users into providing MFA codes, allowing them to bypass security defenses.

34. What is a key risk of poor cloud tenant isolation?

A) Reduced cloud storage costs
B) Cross-Tenant Data Leakage
C) Increased availability
D) Improved performance

✅ Answer: B) Cross-Tenant Data Leakage
💡 Explanation: Poor isolation between cloud tenants allows attackers to access other customers’ data.

35. What cloud attack takes advantage of misconfigured access control policies?

A) Insecure Direct Object Reference (IDOR)
B) SQL Injection
C) Ransomware
D) Cloud Cryptojacking

✅ Answer: A) Insecure Direct Object Reference (IDOR)
💡 Explanation: IDOR flaws allow attackers to manipulate URLs or API endpoints to access restricted cloud data.

36. Which attack manipulates OAuth or SAML authentication flows in cloud services?

A) Token Hijacking
B) Cross-Site Request Forgery (CSRF)
C) Command Injection
D) DNS Spoofing

✅ Answer: A) Token Hijacking
💡 Explanation: Attackers intercept authentication tokens to impersonate users and access cloud services.

37. What is the best mitigation for excessive cloud permissions?

A) Enforce Least Privilege Access
B) Increase storage limits
C) Reduce network bandwidth
D) Disable logging

✅ Answer: A) Enforce Least Privilege Access
💡 Explanation: Restricting permissions to the minimum necessary level helps prevent privilege escalation attacks.

38. What is a primary risk of using free cloud storage services?

A) Vendor lock-in
B) Poor data encryption
C) Limited user access
D) Faster performance

✅ Answer: B) Poor data encryption
💡 Explanation: Many free cloud storage services lack end-to-end encryption, exposing data to unauthorized access.

39. What type of attack targets misconfigured cloud storage services to access sensitive data?

A) Cloud Data Breach
B) DNS Poisoning
C) Server-Side Request Forgery (SSRF)
D) Session Hijacking

✅ Answer: A) Cloud Data Breach
💡 Explanation: Improper access controls on cloud storage services like AWS S3, Google Cloud Storage, and Azure Blob Storage can expose sensitive data to unauthorized users.

40. Which security risk arises when cloud resources are deployed with outdated or unpatched software?

A) Credential Stuffing
B) Insecure Configuration
C) Insufficient Logging
D) Cryptojacking

✅ Answer: B) Insecure Configuration
💡 Explanation: Unpatched cloud services or virtual machines are vulnerable to known exploits, allowing attackers to compromise them through outdated software vulnerabilities.

41. What cloud attack manipulates HTTP headers to gain unauthorized access?

A) Cross-Site Scripting (XSS)
B) HTTP Host Header Injection
C) SQL Injection
D) XML External Entity (XXE)

✅ Answer: B) HTTP Host Header Injection
💡 Explanation: Attackers can modify the HTTP Host Header to bypass authentication, redirect traffic, or conduct cache poisoning attacks.

42. What cloud vulnerability allows attackers to access confidential data by exploiting weak encryption methods?

A) Broken Cryptography
B) Clickjacking
C) Hyperjacking
D) Cross-Site Request Forgery (CSRF)

✅ Answer: A) Broken Cryptography
💡 Explanation: Weak encryption algorithms or improper key management in cloud environments can expose sensitive data to attackers.

43. What is a key risk when cloud users do not regularly review security group settings?

A) Excessive permissions leading to data exposure
B) Faster processing speed
C) Reduced API request rates
D) Increased redundancy

✅ Answer: A) Excessive permissions leading to data exposure
💡 Explanation: Security groups control inbound and outbound traffic. Misconfigured security groups can expose cloud resources to unauthorized access.

44. Which cloud attack involves overloading cloud resources to disrupt services?

A) Distributed Denial-of-Service (DDoS)
B) SQL Injection
C) Insecure Deserialization
D) Cross-Site Scripting (XSS)

✅ Answer: A) Distributed Denial-of-Service (DDoS)
💡 Explanation: DDoS attacks flood cloud applications with excessive traffic, depleting resources and making services unavailable.

45. What security risk arises from excessive API rate limits in cloud applications?

A) Reduced performance
B) API Rate Limit Bypass
C) Enhanced security
D) Increased cloud costs

✅ Answer: B) API Rate Limit Bypass
💡 Explanation: Attackers use automated tools to exploit API rate limits, allowing them to brute-force credentials or scrape sensitive data.

46. What is a major concern of deploying applications in a public cloud?

A) Vendor lock-in
B) Shared infrastructure risks
C) Increased CPU usage
D) Reduced storage availability

✅ Answer: B) Shared infrastructure risks
💡 Explanation: Public cloud environments host multiple tenants, increasing the risk of side-channel attacks, data leakage, and cross-tenant access.

47. What cloud attack exploits a weak session management mechanism?

A) Session Hijacking
B) Ransomware Attack
C) Clickjacking
D) SQL Injection

✅ Answer: A) Session Hijacking
💡 Explanation: Attackers can steal session tokens or cookies to impersonate authenticated users and gain unauthorized access.

48. What cloud security risk is associated with misconfigured Identity Federation settings?

A) Cross-Tenant Access
B) Ransomware Propagation
C) Resource Over-Provisioning
D) API Key Exposure

✅ Answer: A) Cross-Tenant Access
💡 Explanation: Poor identity federation settings can allow users from other tenants to access private resources in a multi-cloud or hybrid environment.

49. What is the best way to protect cloud workloads from insider threats?

A) Implement Role-Based Access Control (RBAC)
B) Disable all user accounts
C) Increase storage capacity
D) Use shared credentials

✅ Answer: A) Implement Role-Based Access Control (RBAC)
💡 Explanation: RBAC ensures users have only the necessary access, reducing the risk of insider threats.

50. What is the main purpose of Secure Access Service Edge (SASE) in cloud environments?

A) Optimize cloud storage
B) Improve data encryption
C) Enhance security by integrating networking and security functions
D) Reduce API request rates

✅ Answer: C) Enhance security by integrating networking and security functions
💡 Explanation: SASE combines network security functions (e.g., firewalls, Zero Trust) with cloud-based security solutions to improve cloud security.

51. What is the biggest security risk of using weak API authentication mechanisms?

A) API Abuse and Unauthorized Access
B) Increased processing speed
C) Reduced attack surface
D) Improved scalability

✅ Answer: A) API Abuse and Unauthorized Access
💡 Explanation: Weak API authentication allows attackers to exploit APIs, leading to unauthorized access and data leaks.

52. What is a major concern with improper key management in cloud environments?

A) Increased encryption speed
B) Exposure of sensitive data
C) Improved compliance
D) Reduced backup costs

✅ Answer: B) Exposure of sensitive data
💡 Explanation: Poor encryption key management can lead to unauthorized access to encrypted data.

53. What is the primary goal of a cloud ransomware attack?

A) Data encryption and extortion
B) Reduced network latency
C) Increased cloud storage performance
D) Faster deployment of services

✅ Answer: A) Data encryption and extortion
💡 Explanation: Attackers use ransomware to encrypt cloud data and demand payment for decryption keys.

54. How can organizations prevent unauthorized cloud access?

A) Implement Multi-Factor Authentication (MFA)
B) Store credentials in plaintext
C) Allow unrestricted API access
D) Disable logging

✅ Answer: A) Implement Multi-Factor Authentication (MFA)
💡 Explanation: MFA provides an additional security layer, making it harder for attackers to exploit compromised credentials.

55. What security threat involves using AI-powered bots to attack cloud applications?

A) AI-Powered Credential Stuffing
B) Cross-Site Scripting (XSS)
C) DNS Poisoning
D) Clickjacking

✅ Answer: A) AI-Powered Credential Stuffing
💡 Explanation: Attackers use AI-driven bots to automate credential stuffing, making attacks more efficient and difficult to detect.

56. What cloud attack exploits weak JWT (JSON Web Token) implementations?

A) Token Forgery
B) API Rate Limiting
C) Session Expiration Attack
D) Command Injection

✅ Answer: A) Token Forgery
💡 Explanation: Weak JWT implementations can be exploited to generate or manipulate authentication tokens, bypassing security controls.

57. What is the most common cause of cloud security breaches?

A) Zero-day exploits
B) Misconfigurations and human errors
C) Physical data center attacks
D) High CPU utilization

✅ Answer: B) Misconfigurations and human errors
💡 Explanation: According to various security reports, misconfigurations in cloud environments (e.g., open S3 buckets, weak IAM policies) are responsible for a majority of cloud security breaches.

58. What attack leverages cloud environments for large-scale botnet activities?

A) Cloud-based Botnets
B) DNS Tunneling
C) HTTP Response Smuggling
D) SQL Injection

✅ Answer: A) Cloud-based Botnets
💡 Explanation: Attackers hijack cloud instances to build powerful botnets, which are then used for launching DDoS attacks, spam campaigns, and brute-force attacks.

59. What is a major security risk when using Infrastructure as Code (IaC) in cloud environments?

A) Lack of automation
B) Hardcoded credentials in scripts
C) Reduced scalability
D) Increased latency

✅ Answer: B) Hardcoded credentials in scripts
💡 Explanation: Storing API keys, database credentials, or admin passwords in IaC templates can expose them to attackers, leading to unauthorized access.

60. What is a significant security concern of cloud-based DevOps environments?

A) Unsecured CI/CD pipelines
B) Faster application deployment
C) Limited network bandwidth
D) Increased cost

✅ Answer: A) Unsecured CI/CD pipelines
💡 Explanation: Poorly secured Continuous Integration/Continuous Deployment (CI/CD) pipelines can allow attackers to inject malicious code or compromise cloud workloads.

61. What cloud attack exploits misconfigured Cross-Origin Resource Sharing (CORS) policies?

A) Cross-Site Script Inclusion (XSSI)
B) Cross-Site Request Forgery (CSRF)
C) Insecure API Exposure
D) Cloud Cryptojacking

✅ Answer: A) Cross-Site Script Inclusion (XSSI)
💡 Explanation: If CORS policies allow overly permissive domains, attackers can steal sensitive data via JavaScript-based exploits.

62. Which attack method allows unauthorized execution of server-side commands?

A) Remote Code Execution (RCE)
B) API Spoofing
C) Directory Traversal
D) Clickjacking

✅ Answer: A) Remote Code Execution (RCE)
💡 Explanation: RCE exploits unpatched vulnerabilities to allow attackers to execute arbitrary code within cloud-hosted applications.

63. What is a major concern of weak session expiration policies in cloud services?

A) Increased CPU utilization
B) Session Hijacking
C) Reduced data redundancy
D) Faster response time

✅ Answer: B) Session Hijacking
💡 Explanation: If session tokens remain active for too long, attackers can reuse stolen tokens to gain unauthorized access to cloud accounts.

64. What is a common threat in multi-cloud environments?

A) Increased compliance requirements
B) Inconsistent security policies
C) Improved service availability
D) Lower operational costs

✅ Answer: B) Inconsistent security policies
💡 Explanation: Multi-cloud deployments increase complexity, making it harder to enforce consistent IAM policies, logging, and monitoring.

65. What attack exploits weak encryption in cloud file-sharing services?

A) Data Interception
B) API Rate Limiting
C) Cloud Bucket Enumeration
D) Server-Side Request Forgery (SSRF)

✅ Answer: A) Data Interception
💡 Explanation: Weak encryption allows attackers to eavesdrop on network traffic, intercepting sensitive data.

66. What is a key security risk of Bring Your Own Device (BYOD) in cloud environments?

A) Increased latency
B) Uncontrolled data access
C) High cloud storage costs
D) Limited automation

✅ Answer: B) Uncontrolled data access
💡 Explanation: Personal devices lack centralized security controls, increasing the risk of data leaks, malware infections, and unauthorized access.

67. Which attack exploits flaws in authentication flows in cloud applications?

A) Token Hijacking
B) Cross-Site Request Forgery (CSRF)
C) DNS Spoofing
D) SQL Injection

✅ Answer: A) Token Hijacking
💡 Explanation: Attackers steal authentication tokens to impersonate legitimate users and gain unauthorized cloud access.

68. What security risk arises when an organization fails to monitor its cloud resources?

A) Lack of resource optimization
B) Undetected security breaches
C) Reduced API response times
D) Increased storage efficiency

✅ Answer: B) Undetected security breaches
💡 Explanation: Without proper monitoring and security logging, cloud intrusions can go unnoticed, allowing attackers to operate freely.

69. What is a common result of misconfigured Role-Based Access Control (RBAC) in cloud environments?

A) Unauthorized privilege escalation
B) Faster API response times
C) Improved cloud resource allocation
D) Reduced IAM complexity

✅ Answer: A) Unauthorized privilege escalation
💡 Explanation: Poorly configured RBAC policies can give users excessive permissions, leading to privilege escalation attacks.

70. What type of attack manipulates a cloud service’s cost structure to drain resources?

A) Cloud Resource Exhaustion Attack
B) DNS Amplification Attack
C) API Token Theft
D) Broken Cryptography

✅ Answer: A) Cloud Resource Exhaustion Attack
💡 Explanation: Attackers trigger unnecessary resource consumption (e.g., infinite API requests, excessive compute usage) to increase cloud bills and degrade performance.

71. What is a primary risk of public Wi-Fi usage in cloud-based remote work?

A) Man-in-the-Middle (MITM) attacks
B) Increased latency
C) High API call rates
D) Excessive logging

✅ Answer: A) Man-in-the-Middle (MITM) attacks
💡 Explanation: Public Wi-Fi lacks encryption, allowing attackers to intercept sensitive cloud login credentials and session tokens.

72. What attack exploits cloud metadata services to gain access tokens?

A) Server-Side Request Forgery (SSRF)
B) Session Fixation
C) Broken Authentication
D) Cross-Site Scripting (XSS)

✅ Answer: A) Server-Side Request Forgery (SSRF)
💡 Explanation: SSRF attacks target cloud metadata services (e.g., AWS instance metadata API) to steal IAM credentials and access tokens.

73. Which security practice helps prevent cloud credential theft?

A) Enabling Multi-Factor Authentication (MFA)
B) Disabling IAM roles
C) Reducing CPU utilization
D) Using only default cloud configurations

✅ Answer: A) Enabling Multi-Factor Authentication (MFA)
💡 Explanation: MFA provides an additional layer of security, reducing the risk of account hijacking even if credentials are leaked.

74. What cloud attack exploits improperly validated URL redirects?

A) Open Redirect Attack
B) Ransomware Injection
C) Command Injection
D) SQL Injection

✅ Answer: A) Open Redirect Attack
💡 Explanation: Attackers use open redirect vulnerabilities to phish cloud users by redirecting them to malicious sites.

75. What type of attack takes advantage of weakly secured cloud function triggers to execute arbitrary code?

A) Event Injection Attack
B) Cloud API Abuse
C) Cryptojacking
D) Clickjacking

✅ Answer: A) Event Injection Attack
💡 Explanation: Cloud functions rely on triggers (e.g., HTTP requests, database updates). Attackers can manipulate these triggers to execute unauthorized cloud functions, leading to data theft or resource abuse.

76. What is the risk of excessive permissions in cloud-based Identity and Access Management (IAM)?

A) Service degradation
B) Privilege Escalation Attacks
C) Faster authentication
D) Reduced compliance burden

✅ Answer: B) Privilege Escalation Attacks
💡 Explanation: Overly permissive IAM roles allow attackers or malicious insiders to escalate privileges, gaining full control over cloud environments.

77. What cloud security threat arises when organizations do not properly decommission unused resources?

A) Cloud Resource Hijacking
B) DNS Spoofing
C) API Token Expiration
D) Server-Side Request Forgery (SSRF)

✅ Answer: A) Cloud Resource Hijacking
💡 Explanation: Abandoned cloud instances, storage, and APIs can be exploited by attackers if not properly deleted, leading to data exposure and unauthorized resource usage.

78. Which cloud attack exploits misconfigured secrets management to extract credentials?

A) Secret Sprawl Attack
B) SQL Injection
C) Cross-Site Request Forgery (CSRF)
D) HTTP Response Smuggling

✅ Answer: A) Secret Sprawl Attack
💡 Explanation: Storing secrets (API keys, credentials) in plaintext or misconfigured vaults increases the risk of credential exposure.

79. What cloud attack involves targeting data in transit between cloud services?

A) Man-in-the-Middle (MITM) Attack
B) Remote Code Execution (RCE)
C) XML External Entity (XXE) Injection
D) API Abuse

✅ Answer: A) Man-in-the-Middle (MITM) Attack
💡 Explanation: MITM attacks intercept and manipulate network traffic, allowing attackers to steal credentials, inject malicious data, or modify API responses.

80. What is a key security risk of using publicly shared cloud storage links?

A) Unauthorized Data Exposure
B) Reduced performance
C) Increased encryption overhead
D) Limited bandwidth

✅ Answer: A) Unauthorized Data Exposure
💡 Explanation: Public cloud storage links can be accessed by anyone, leading to sensitive data leaks if they are not properly secured.

81. What is a major risk of using outdated encryption protocols in cloud applications?

A) Reduced API request latency
B) Susceptibility to cryptographic attacks
C) Increased application speed
D) Faster data transmission

✅ Answer: B) Susceptibility to cryptographic attacks
💡 Explanation: Weak encryption (e.g., outdated SSL/TLS versions) allows attackers to decrypt sensitive cloud communications, leading to data breaches.

82. What cloud attack occurs when attackers manipulate metadata APIs to obtain credentials?

A) Server-Side Request Forgery (SSRF)
B) Command Injection
C) Cross-Site Scripting (XSS)
D) Cloud Credential Stuffing

✅ Answer: A) Server-Side Request Forgery (SSRF)
💡 Explanation: SSRF attacks allow attackers to query cloud metadata services (e.g., AWS, Azure, GCP) to steal access tokens or credentials.

83. What is the primary goal of a cloud ransomware attack?

A) Encrypt and hold data hostage
B) Increase API request rates
C) Reduce cloud resource utilization
D) Improve cloud performance

✅ Answer: A) Encrypt and hold data hostage
💡 Explanation: Ransomware attacks encrypt cloud-hosted files and demand payment for decryption keys, disrupting business operations.

84. What type of attack leverages cloud misconfigurations to move laterally across multiple cloud accounts?

A) Cloud Lateral Movement Attack
B) Open Redirect Exploitation
C) API Rate Limiting Abuse
D) Cross-Site Request Forgery (CSRF)

✅ Answer: A) Cloud Lateral Movement Attack
💡 Explanation: Attackers use compromised credentials, unsecured APIs, or misconfigured IAM roles to spread across multiple cloud accounts, increasing damage.

85. What is the risk of leaving old access keys active in cloud environments?

A) API Key Reuse Attacks
B) Faster authentication
C) Reduced cloud costs
D) Improved compliance

✅ Answer: A) API Key Reuse Attacks
💡 Explanation: Old, unused API keys and access tokens can be exploited if they are not properly revoked, leading to unauthorized cloud access.

86. What cloud security risk is associated with weak firewall rules?

A) Exposure to inbound and outbound attacks
B) Increased storage costs
C) Decreased bandwidth usage
D) Faster API responses

✅ Answer: A) Exposure to inbound and outbound attacks
💡 Explanation: Weak firewall configurations expose cloud servers to unauthorized connections, increasing the risk of data breaches and malware infiltration.

87. What attack allows cybercriminals to inject malicious scripts into cloud-based web applications?

A) Stored Cross-Site Scripting (XSS)
B) DNS Poisoning
C) Cloud Data Exfiltration
D) Secure Token Manipulation

✅ Answer: A) Stored Cross-Site Scripting (XSS)
💡 Explanation: Stored XSS attacks inject malicious JavaScript into cloud-hosted applications, leading to session hijacking and data theft.

88. What is the risk of unpatched virtual machine (VM) images in the cloud?

A) VM Exploitation by Known Vulnerabilities
B) Reduced storage performance
C) Increased application speed
D) Lower resource provisioning

✅ Answer: A) VM Exploitation by Known Vulnerabilities
💡 Explanation: Unpatched cloud VM images can contain security flaws that attackers exploit to gain unauthorized access.

89. What is the purpose of Cloud Security Posture Management (CSPM) tools?

A) Identify misconfigurations and security risks
B) Improve cloud speed
C) Reduce IAM policy complexity
D) Optimize API calls

✅ Answer: A) Identify misconfigurations and security risks
💡 Explanation: CSPM tools scan cloud environments for misconfigurations, excessive permissions, and security vulnerabilities.

90. What type of attack involves an attacker abusing OAuth tokens to gain persistent access to cloud applications?

A) OAuth Token Theft Attack
B) SQL Injection
C) Cloud Bucket Enumeration
D) API Rate Abuse

✅ Answer: A) OAuth Token Theft Attack
💡 Explanation: Attackers steal OAuth tokens to bypass authentication, gaining persistent access to cloud applications and data.

91. What type of attack involves injecting malicious JSON data to manipulate cloud APIs?

A) JSON Injection
B) SQL Injection
C) DNS Spoofing
D) Token Replay Attack

✅ Answer: A) JSON Injection
💡 Explanation: JSON Injection attacks exploit weakly validated API inputs, allowing attackers to modify cloud service behaviors or access unauthorized data.

92. What is the risk of excessive logging in cloud environments?

A) Sensitive Data Exposure
B) Reduced storage costs
C) Faster data processing
D) Increased compliance

✅ Answer: A) Sensitive Data Exposure
💡 Explanation: If logs contain API keys, credentials, or sensitive data, attackers can extract and misuse them for unauthorized access.

93. What attack targets cloud storage permissions to access confidential files?

A) Cloud Bucket Enumeration Attack
B) Clickjacking
C) Cross-Site Request Forgery (CSRF)
D) Secure Token Manipulation

✅ Answer: A) Cloud Bucket Enumeration Attack
💡 Explanation: Attackers scan cloud storage services (e.g., AWS S3, Azure Blob Storage) for misconfigured public permissions to access sensitive files.

94. What is a common attack against containerized cloud applications?

A) Container Escape Attack
B) DNS Poisoning
C) XML External Entity (XXE) Injection
D) Ransomware Injection

✅ Answer: A) Container Escape Attack
💡 Explanation: Poorly configured containers can allow attackers to escape isolation boundaries, gaining access to the underlying host system.

95. What is the primary purpose of Cloud Security Information and Event Management (SIEM) solutions?

A) Monitor and detect security threats
B) Reduce cloud resource consumption
C) Improve storage efficiency
D) Increase application speed

✅ Answer: A) Monitor and detect security threats
💡 Explanation: SIEM solutions collect, analyze, and correlate security events to identify potential cloud security threats.

96. What cloud attack involves using expired or weak SSL/TLS certificates to intercept encrypted communications?

A) SSL Stripping Attack
B) Man-in-the-Middle (MITM) Attack
C) Cryptojacking
D) API Spoofing

✅ Answer: A) SSL Stripping Attack
💡 Explanation: SSL Stripping downgrades HTTPS connections to HTTP, allowing attackers to intercept and read sensitive cloud communications.

97. What type of cloud attack allows unauthorized users to exploit over-permissioned IAM roles?

A) Over-Privileged Role Exploitation
B) Cross-Site Request Forgery (CSRF)
C) HTTP Smuggling
D) DNS Tunneling

✅ Answer: A) Over-Privileged Role Exploitation
💡 Explanation: IAM roles with excessive permissions increase the attack surface, allowing attackers to escalate privileges and take over cloud resources.

98. What is the risk of failing to rotate cloud access keys regularly?

A) Credential Reuse Attacks
B) Faster authentication
C) Reduced cloud costs
D) Improved compliance

✅ Answer: A) Credential Reuse Attacks
💡 Explanation: Old or exposed credentials can be reused in brute-force and credential stuffing attacks, leading to unauthorized cloud access.

99. What cloud security risk arises from lack of egress filtering in virtual machines?

A) Data Exfiltration
B) Increased processing speed
C) Lower latency
D) Improved compliance

✅ Answer: A) Data Exfiltration
💡 Explanation: Without proper egress filtering, attackers can use compromised cloud VMs to send stolen data to external malicious servers.

100. What is the main purpose of a Web Application Firewall (WAF) in cloud environments?

A) Protect against web-based attacks
B) Reduce cloud costs
C) Increase API response speed
D) Improve data redundancy

✅ Answer: A) Protect against web-based attacks
💡 Explanation: WAFs block threats like SQL injection, cross-site scripting (XSS), and other web-based exploits.

101. What cloud attack involves hijacking a cloud-based CI/CD pipeline?

A) Pipeline Poisoning Attack
B) Clickjacking
C) SQL Injection
D) Token Theft

✅ Answer: A) Pipeline Poisoning Attack
💡 Explanation: Attackers compromise CI/CD pipelines to inject malicious code into cloud-hosted applications.

102. What is a primary risk of excessive open network ports in cloud security groups?

A) Increased attack surface
B) Improved network speed
C) Reduced latency
D) Higher cloud storage performance

✅ Answer: A) Increased attack surface
💡 Explanation: Open network ports allow unauthorized inbound and outbound connections, increasing the risk of cloud breaches.

103. What is a security risk of using default cloud service accounts?

A) Privilege Escalation
B) Faster service provisioning
C) Lower cloud costs
D) Reduced network traffic

✅ Answer: A) Privilege Escalation
💡 Explanation: Default service accounts often have broad permissions, making them a prime target for privilege escalation attacks.

104. What attack takes advantage of exposed Kubernetes dashboard instances?

A) Kubernetes Dashboard Takeover
B) SQL Injection
C) Cloud Cryptojacking
D) Cross-Site Scripting (XSS)

✅ Answer: A) Kubernetes Dashboard Takeover
💡 Explanation: Exposed Kubernetes dashboards can allow attackers to control clusters, deploy malware, or access sensitive configurations.

105. What is a major risk of cloud-based shared computing environments?

A) Side-Channel Attacks
B) Improved redundancy
C) Reduced power consumption
D) Increased performance

✅ Answer: A) Side-Channel Attacks
💡 Explanation: Attackers can exploit shared CPU cache, memory, or other resources to extract sensitive information from co-located virtual machines.

106. What type of attack allows attackers to manipulate an application’s OAuth authentication process?

A) OAuth Token Forgery
B) SQL Injection
C) Directory Traversal
D) API Rate Limiting

✅ Answer: A) OAuth Token Forgery
💡 Explanation: Poorly implemented OAuth authentication can allow attackers to forge tokens and gain unauthorized access to cloud services.

107. What cloud attack involves hijacking DNS records to redirect users to malicious websites?

A) DNS Hijacking
B) HTTP Host Header Injection
C) Cross-Site Request Forgery (CSRF)
D) Session Fixation

✅ Answer: A) DNS Hijacking
💡 Explanation: Attackers manipulate DNS settings to redirect traffic to malicious sites, leading to phishing or malware infections.

108. What cloud vulnerability allows attackers to upload and execute unauthorized files?

A) Insecure File Upload
B) SQL Injection
C) DNS Spoofing
D) Secure Token Manipulation

✅ Answer: A) Insecure File Upload
💡 Explanation: Poorly validated file upload mechanisms allow attackers to upload malicious scripts, leading to code execution attacks.

109. What is a key concern when using third-party cloud automation scripts?

A) Supply Chain Attacks
B) Increased application speed
C) Lower API request rates
D) Reduced network bandwidth

✅ Answer: A) Supply Chain Attacks
💡 Explanation: Compromised third-party automation scripts can introduce malware, backdoors, or malicious dependencies into cloud environments.

110. What cloud threat exploits vulnerabilities in IoT devices connected to cloud platforms?

A) IoT Cloud Botnet Attack
B) SQL Injection
C) XML External Entity (XXE) Injection
D) Cloud Privilege Escalation

✅ Answer: A) IoT Cloud Botnet Attack
💡 Explanation: Insecure IoT devices in cloud environments can be hijacked to create botnets for DDoS attacks, cryptojacking, or espionage.

111. What is a major risk when cloud databases are not properly encrypted?

A) Data Exposure in Case of a Breach
B) Increased response time
C) Lower computational costs
D) Faster data processing

✅ Answer: A) Data Exposure in Case of a Breach
💡 Explanation: Unencrypted cloud databases allow attackers to access sensitive data in plain text if they are compromised.

112. What attack leverages outdated API versions to exploit security vulnerabilities?

A) API Version Downgrade Attack
B) Cross-Site Request Forgery (CSRF)
C) XML External Entity (XXE) Injection
D) JSON Web Token (JWT) Forgery

✅ Answer: A) API Version Downgrade Attack
💡 Explanation: Attackers force cloud applications to use an older, vulnerable API version to exploit known security weaknesses.

113. What cloud security threat arises when misconfigured identity federation allows unauthorized access?

A) Federation Bypass Attack
B) SQL Injection
C) Command Injection
D) Server-Side Request Forgery (SSRF)

✅ Answer: A) Federation Bypass Attack
💡 Explanation: Weakly configured identity federation can allow attackers to bypass authentication and access cloud resources.

114. What is a primary concern when cloud VMs share the same physical hardware?

A) Side-Channel Attacks
B) Increased latency
C) Limited resource scaling
D) Reduced encryption overhead

✅ Answer: A) Side-Channel Attacks
💡 Explanation: Attackers can use shared resources (CPU, memory) to infer data from other VMs running on the same physical hardware.

115. What attack exploits the reuse of expired access tokens in cloud authentication systems?

A) Token Replay Attack
B) Directory Traversal
C) Secure Token Manipulation
D) SQL Injection

✅ Answer: A) Token Replay Attack
💡 Explanation: Attackers capture and reuse expired authentication tokens to gain unauthorized access to cloud applications.

116. What cloud security issue arises from overly broad storage permissions?

A) Unrestricted Data Access
B) Faster data retrieval
C) Lower API request rates
D) Improved performance

✅ Answer: A) Unrestricted Data Access
💡 Explanation: Overly broad permissions allow unauthorized users to access or modify cloud-stored files, leading to data breaches.

117. What attack allows an attacker to inject malicious headers into HTTP requests in cloud environments?

A) HTTP Header Injection
B) API Token Hijacking
C) DNS Tunneling
D) SSL Stripping

✅ Answer: A) HTTP Header Injection
💡 Explanation: Manipulated HTTP headers can allow attackers to bypass security checks or redirect users to malicious endpoints.

118. What type of cloud attack takes advantage of weak Kubernetes configurations?

A) Kubernetes Misconfiguration Exploitation
B) Secure Socket Layer (SSL) Attack
C) XML External Entity (XXE) Injection
D) API Brute Force Attack

✅ Answer: A) Kubernetes Misconfiguration Exploitation
💡 Explanation: Poorly configured Kubernetes clusters can expose control panels, allowing attackers to manipulate workloads.

119. What is the main risk of exposing cloud management interfaces to the public internet?

A) Increased Brute-Force Attacks
B) Faster cloud deployment
C) Lower bandwidth usage
D) Improved data redundancy

✅ Answer: A) Increased Brute-Force Attacks
💡 Explanation: Publicly accessible cloud management interfaces are prime targets for brute-force attacks and credential stuffing.

120. What cloud security risk arises from excessive caching of sensitive information?

A) Cache Poisoning Attack
B) Ransomware Injection
C) SQL Injection
D) Cloud Cryptojacking

✅ Answer: A) Cache Poisoning Attack
💡 Explanation: Attackers can manipulate cached data to serve malicious content or inject false data into cloud applications.

121. What security risk arises when cloud applications fail to enforce input validation?

A) Command Injection
B) Cloud API Rate Limiting
C) DNS Hijacking
D) Secure Key Exposure

✅ Answer: A) Command Injection
💡 Explanation: Without input validation, attackers can inject commands into application input fields, leading to unauthorized command execution.

122. What attack exploits weak multi-tenancy controls in cloud environments?

A) Tenant Escape Attack
B) Server-Side Request Forgery (SSRF)
C) SQL Injection
D) OAuth Token Theft

✅ Answer: A) Tenant Escape Attack
💡 Explanation: Weak isolation between cloud tenants can allow attackers to access data from other tenants on shared infrastructure.

123. What is a key risk of using insecure third-party cloud integrations?

A) Supply Chain Attack
B) Reduced cloud costs
C) Increased API request latency
D) Faster application deployment

✅ Answer: A) Supply Chain Attack
💡 Explanation: Compromised third-party integrations can introduce vulnerabilities that allow attackers to access cloud resources.

124. What cloud attack exploits weak virtual network configurations?

A) Virtual Network Eavesdropping
B) Secure Token Manipulation
C) JSON Web Token (JWT) Forgery
D) OAuth Token Reuse

✅ Answer: A) Virtual Network Eavesdropping
💡 Explanation: Weak network segmentation can allow attackers to intercept data within a virtual cloud network.

125. What security flaw allows attackers to manipulate cloud logging services?

A) Log Forging Attack
B) DNS Spoofing
C) SQL Injection
D) Cross-Site Request Forgery (CSRF)

✅ Answer: A) Log Forging Attack
💡 Explanation: Attackers manipulate logs to insert false entries, making it difficult to detect security breaches.

126. What is the primary risk of insecure password storage in cloud applications?

A) Credential Theft and Account Takeover
B) Faster authentication
C) Reduced cloud costs
D) Improved storage efficiency

✅ Answer: A) Credential Theft and Account Takeover
💡 Explanation: Storing passwords in plaintext or using weak hashing allows attackers to steal credentials easily.

127. What type of cloud attack exploits lack of integrity checks in uploaded files?

A) Malicious File Upload Attack
B) Token Reuse Attack
C) Secure API Bypass
D) Ransomware Spread

✅ Answer: A) Malicious File Upload Attack
💡 Explanation: Attackers upload scripts or malware disguised as normal files to execute unauthorized actions.

128. What cloud threat arises when applications allow unrestricted API access?

A) API Abuse and Data Theft
B) Increased application speed
C) Reduced encryption complexity
D) Lower IAM policy overhead

✅ Answer: A) API Abuse and Data Theft
💡 Explanation: Unrestricted API access allows attackers to retrieve, modify, or delete sensitive cloud data.

129. What cloud security risk arises from shared credentials among multiple services?

A) Credential Reuse Attacks
B) Faster authentication
C) Lower network latency
D) Increased performance

✅ Answer: A) Credential Reuse Attacks
💡 Explanation: If the same credentials are used across multiple cloud services, attackers can use stolen credentials to access multiple accounts.

130. What attack targets exposed Kubernetes API endpoints?

A) Kubernetes API Exploitation
B) SQL Injection
C) XML External Entity (XXE) Injection
D) Clickjacking

✅ Answer: A) Kubernetes API Exploitation
💡 Explanation: Exposed Kubernetes APIs can allow attackers to manipulate cloud containers and workloads.

131. What cloud attack exploits excessive API permissions to escalate privileges?

A) API Privilege Escalation Attack
B) SQL Injection
C) Cross-Site Scripting (XSS)
D) Cloud Bucket Enumeration

✅ Answer: A) API Privilege Escalation Attack
💡 Explanation: If an API has excessive permissions, attackers can use it to escalate privileges and gain access to restricted cloud resources.

132. What cloud security risk arises when improper logging configurations expose sensitive information?

A) Log Leakage Attack
B) HTTP Smuggling
C) XML Injection
D) Cross-Tenant Access

✅ Answer: A) Log Leakage Attack
💡 Explanation: If logs contain sensitive data (e.g., API keys, credentials), attackers can extract them to gain unauthorized access.

133. What is the primary risk of over-provisioning cloud IAM roles?

A) Unauthorized Access & Privilege Escalation
B) Reduced application performance
C) Increased API latency
D) Slower cloud deployments

✅ Answer: A) Unauthorized Access & Privilege Escalation
💡 Explanation: Excessive IAM permissions increase the attack surface, allowing attackers or insiders to escalate privileges.

134. What type of attack exploits an exposed cloud database instance with weak authentication?

A) Open Database Exposure Attack
B) Clickjacking
C) API Rate Limiting Abuse
D) Secure Key Manipulation

✅ Answer: A) Open Database Exposure Attack
💡 Explanation: Poorly configured cloud databases (e.g., open MongoDB, Elasticsearch) can be accessed by attackers, leading to data breaches.

135. What security issue arises when expired cloud instances remain active due to misconfiguration?

A) Zombie Cloud Instances
B) SQL Injection
C) OAuth Token Reuse Attack
D) XML External Entity (XXE) Injection

✅ Answer: A) Zombie Cloud Instances
💡 Explanation: Expired but active cloud instances can be exploited by attackers, leading to unauthorized access or data exfiltration.

136. What cloud attack targets misconfigured Cross-Origin Resource Sharing (CORS) settings?

A) Cross-Origin Data Theft Attack
B) DNS Spoofing
C) Server-Side Request Forgery (SSRF)
D) JSON Web Token (JWT) Replay

✅ Answer: A) Cross-Origin Data Theft Attack
💡 Explanation: Poorly configured CORS policies allow unauthorized domains to access sensitive cloud data via JavaScript.

137. What is a major risk of allowing unrestricted outbound traffic from cloud environments?

A) Data Exfiltration & Command-and-Control Communication
B) Reduced network latency
C) Increased authentication speed
D) Faster data transmission

✅ Answer: A) Data Exfiltration & Command-and-Control Communication
💡 Explanation: Without outbound traffic controls, attackers can send stolen data to external servers or establish communication with malware.

138. What cloud attack manipulates service-level agreements (SLAs) to degrade service quality?

A) Cloud Service Denial Attack
B) Credential Stuffing
C) DNS Tunneling
D) OAuth Token Expiry Manipulation

✅ Answer: A) Cloud Service Denial Attack
💡 Explanation: Attackers may exploit SLA limitations to degrade or disrupt cloud services, impacting availability.

139. What cloud security issue arises when public cloud storage URLs are indexed by search engines?

A) Public Data Exposure via Search Engine Indexing
B) API Token Hijacking
C) Secure File Manipulation
D) XML External Entity (XXE) Injection

✅ Answer: A) Public Data Exposure via Search Engine Indexing
💡 Explanation: Unprotected cloud storage URLs can be indexed by search engines, making sensitive files publicly accessible.

140. What attack manipulates API response headers to perform cache poisoning?

A) Cloud Cache Poisoning Attack
B) Cross-Site Scripting (XSS)
C) SQL Injection
D) Cloud Cryptojacking

✅ Answer: A) Cloud Cache Poisoning Attack
💡 Explanation: Attackers modify API response headers to store malicious content in cloud-based caches, leading to persistent attacks.

141. What is a key risk of allowing excessive resource provisioning in cloud environments?

A) Cloud Resource Exhaustion Attack
B) Clickjacking
C) API Rate Abuse
D) Secure Token Forgery

✅ Answer: A) Cloud Resource Exhaustion Attack
💡 Explanation: Attackers may launch excessive processes to consume cloud resources, leading to performance degradation or high costs.

142. What attack involves an attacker hijacking an expired but unclaimed cloud subdomain?

A) Cloud Subdomain Takeover Attack
B) DNS Cache Poisoning
C) HTTP Smuggling
D) Secure Token Theft

✅ Answer: A) Cloud Subdomain Takeover Attack
💡 Explanation: If a cloud subdomain is abandoned but not removed, attackers can claim it and use it for phishing or malware distribution.

143. What cloud security flaw occurs when cloud users fail to apply security patches?

A) Cloud Patch Exploitation Attack
B) OAuth Replay Attack
C) Server-Side Request Forgery (SSRF)
D) JSON Web Token (JWT) Forgery

✅ Answer: A) Cloud Patch Exploitation Attack
💡 Explanation: Attackers target unpatched cloud workloads to exploit known vulnerabilities.

144. What attack allows attackers to inject malicious data into NoSQL cloud databases?

A) NoSQL Injection Attack
B) API Token Replay
C) DNS Hijacking
D) Cloud Rate Limit Bypass

✅ Answer: A) NoSQL Injection Attack
💡 Explanation: NoSQL Injection allows attackers to manipulate unvalidated input to access or modify cloud-stored NoSQL database records.

145. What cloud security risk arises when default cloud settings are left unchanged?

A) Default Configuration Exploitation
B) OAuth Token Hijacking
C) JSON API Spoofing
D) SQL Injection

✅ Answer: A) Default Configuration Exploitation
💡 Explanation: Leaving default cloud settings unchanged increases security risks, as attackers often exploit these configurations.

146. What attack involves inserting unauthorized HTTP headers into cloud-based API requests?

A) HTTP Header Smuggling Attack
B) Cross-Site Request Forgery (CSRF)
C) OAuth Token Expiry Manipulation
D) Secure API Bypass

✅ Answer: A) HTTP Header Smuggling Attack
💡 Explanation: Attackers inject unauthorized headers to manipulate cloud-based API behaviors, leading to security bypasses.

147. What cloud security risk arises when firewall rules are too permissive?

A) Exposure to External Attacks
B) Increased data redundancy
C) Faster request processing
D) Reduced authentication overhead

✅ Answer: A) Exposure to External Attacks
💡 Explanation: Overly permissive firewall rules expose cloud services to unauthorized access and exploitation.

148. What attack exploits vulnerable cloud-based IoT services?

A) IoT Cloud Botnet Attack
B) OAuth Replay Attack
C) Secure Token Theft
D) SQL Injection

✅ Answer: A) IoT Cloud Botnet Attack
💡 Explanation: Insecure IoT devices in cloud environments can be hijacked to create botnets for DDoS attacks or data exfiltration.

149. What attack exploits cloud-based serverless functions to execute unauthorized code?

A) Serverless Code Injection Attack
B) DNS Hijacking
C) OAuth Replay Attack
D) Secure File Manipulation

✅ Answer: A) Serverless Code Injection Attack
💡 Explanation: If serverless functions are not properly secured, attackers can inject malicious code, leading to unauthorized execution.

150. What attack abuses public cloud storage URLs for phishing campaigns?

A) Cloud Phishing Attack
B) Secure API Bypass
C) JSON Token Theft
D) HTTP Smuggling

✅ Answer: A) Cloud Phishing Attack
💡 Explanation: Attackers use publicly accessible cloud storage links to host malicious files or phishing pages.

151. What cloud attack exploits race conditions in multi-threaded cloud applications?

A) Race Condition Exploitation
B) OAuth Token Replay
C) Secure API Rate Bypass
D) Cloud Data Poisoning

✅ Answer: A) Race Condition Exploitation
💡 Explanation: Race conditions occur when multiple processes access and modify shared resources simultaneously, leading to unexpected security vulnerabilities.

152. What cloud security risk arises from weak access controls on serverless functions?

A) Unauthorized Code Execution
B) Increased storage costs
C) Slower processing times
D) Reduced data availability

✅ Answer: A) Unauthorized Code Execution
💡 Explanation: If serverless functions lack proper authentication and authorization, attackers can execute malicious code.

153. What attack abuses unsecured message queues in cloud environments?

A) Cloud Queue Injection Attack
B) XML External Entity (XXE) Attack
C) OAuth Token Reuse
D) Cloud API Manipulation

✅ Answer: A) Cloud Queue Injection Attack
💡 Explanation: Attackers can insert malicious messages into unsecured cloud queues, triggering unauthorized actions in event-driven architectures.

154. What cloud security threat arises from hardcoded secrets in public repositories?

A) Secret Leakage & Credential Theft
B) Faster authentication
C) Secure API Token Bypass
D) Reduced network latency

✅ Answer: A) Secret Leakage & Credential Theft
💡 Explanation: If API keys, passwords, or tokens are stored in public code repositories, attackers can extract and use them to access cloud resources.

155. What type of attack manipulates cloud infrastructure templates to introduce security flaws?

A) Infrastructure as Code (IaC) Poisoning Attack
B) SQL Injection
C) Cross-Site Request Forgery (CSRF)
D) Cloud Rate Limiting Exploit

✅ Answer: A) Infrastructure as Code (IaC) Poisoning Attack
💡 Explanation: Compromised IaC scripts can deploy insecure cloud configurations, leading to security breaches.

156. What is the risk of enabling unrestricted inbound connections to cloud VMs?

A) Exposure to Unauthorized Access & Exploits
B) Reduced network performance
C) Increased cloud storage usage
D) Improved VM response time

✅ Answer: A) Exposure to Unauthorized Access & Exploits
💡 Explanation: Allowing unrestricted inbound traffic increases the risk of brute-force attacks, remote exploits, and unauthorized access.

157. What cloud attack exploits misconfigured container networking?

A) Cross-Container Network Exploitation
B) DNS Spoofing
C) XML Injection
D) Secure API Bypass

✅ Answer: A) Cross-Container Network Exploitation
💡 Explanation: Weak container networking configurations allow attackers to move laterally between compromised containers.

158. What security risk arises when cloud users disable audit logging?

A) Lack of Forensic Evidence & Security Visibility
B) Increased API performance
C) Reduced storage costs
D) Faster cloud provisioning

✅ Answer: A) Lack of Forensic Evidence & Security Visibility
💡 Explanation: Disabling audit logs makes it harder to detect and investigate security breaches in cloud environments.

159. What attack involves injecting malicious payloads into cloud search queries?

A) Search Query Injection Attack
B) Cloud Bucket Enumeration
C) API Rate Abuse
D) Cross-Tenant Privilege Escalation

✅ Answer: A) Search Query Injection Attack
💡 Explanation: Poorly secured cloud search engines can be manipulated to return unauthorized data or execute unintended actions.

160. What type of attack targets insecure API authentication mechanisms in cloud environments?

A) API Credential Theft Attack
B) DNS Cache Poisoning
C) Cloud Session Fixation
D) OAuth Token Reuse

✅ Answer: A) API Credential Theft Attack
💡 Explanation: Weak API authentication (e.g., lack of multi-factor authentication) can allow attackers to steal credentials and access cloud services.

161. What is a key security risk of improperly configured Virtual Private Cloud (VPC) settings?

A) Exposure to Untrusted Networks
B) Increased API response time
C) Lower storage costs
D) Reduced encryption overhead

✅ Answer: A) Exposure to Untrusted Networks
💡 Explanation: Misconfigured VPCs can expose cloud resources to external networks, leading to unauthorized access and data breaches.

162. What cloud security threat arises from unpatched container runtime vulnerabilities?

A) Container Runtime Exploitation
B) Cloud API Abuse
C) SQL Injection
D) OAuth Token Replay

✅ Answer: A) Container Runtime Exploitation
💡 Explanation: Unpatched container runtimes (e.g., Docker, Kubernetes) can be exploited to execute arbitrary code.

163. What attack allows an attacker to modify encrypted cloud data without decryption?

A) Ciphertext Manipulation Attack
B) Secure API Brute Force
C) Cloud Token Theft
D) OAuth Credential Abuse

✅ Answer: A) Ciphertext Manipulation Attack
💡 Explanation: Some encryption algorithms allow attackers to modify encrypted data without knowing the encryption key.

164. What attack exploits weak cloud service chaining configurations?

A) Cloud Service Chaining Exploitation
B) DNS Hijacking
C) JSON Injection
D) Cross-Site Request Forgery (CSRF)

✅ Answer: A) Cloud Service Chaining Exploitation
💡 Explanation: Improperly configured service chaining can allow attackers to bypass security restrictions between dependent cloud services.

165. What cloud security issue arises when multiple cloud accounts share the same API keys?

A) Shared API Key Exploitation
B) DNS Tunneling
C) OAuth Token Expiry Manipulation
D) Cloud Cryptojacking

✅ Answer: A) Shared API Key Exploitation
💡 Explanation: If the same API keys are used across multiple accounts, an attacker compromising one account can gain access to others.

166. What is the risk of weak endpoint security in cloud environments?

A) Endpoint Compromise & Unauthorized Access
B) Faster cloud API performance
C) Reduced encryption complexity
D) Increased network speed

✅ Answer: A) Endpoint Compromise & Unauthorized Access
💡 Explanation: Weak security on cloud endpoints (e.g., VMs, IoT devices) allows attackers to gain unauthorized access and pivot within cloud networks.

167. What cloud attack manipulates API rate-limiting mechanisms?

A) API Rate-Limiting Bypass Attack
B) Secure API Spoofing
C) SQL Injection
D) OAuth Token Theft

✅ Answer: A) API Rate-Limiting Bypass Attack
💡 Explanation: Attackers bypass API rate limits by distributing requests across multiple sources or exploiting API misconfigurations.

168. What security risk arises from unrestricted outbound traffic in cloud environments?

A) Data Exfiltration & Malware Command-and-Control (C2)
B) Faster API responses
C) Reduced storage usage
D) Lower latency

✅ Answer: A) Data Exfiltration & Malware Command-and-Control (C2)
💡 Explanation: Unrestricted outbound connections allow attackers to exfiltrate data and establish connections to malicious command-and-control servers.

169. What cloud attack targets weak object storage access policies?

A) Object Storage Misconfiguration Exploitation
B) JSON Web Token (JWT) Forgery
C) DNS Cache Poisoning
D) OAuth Rate Manipulation

✅ Answer: A) Object Storage Misconfiguration Exploitation
💡 Explanation: Poor access policies on object storage (e.g., AWS S3, Google Cloud Storage) can lead to data leaks or unauthorized modifications.

170. What attack exploits vulnerabilities in cloud-based CI/CD pipelines?

A) CI/CD Pipeline Injection Attack
B) Cross-Site Request Forgery (CSRF)
C) API Rate Throttling Exploit
D) OAuth Token Theft

✅ Answer: A) CI/CD Pipeline Injection Attack
💡 Explanation: Poorly secured CI/CD pipelines allow attackers to inject malicious code, leading to compromised cloud deployments.

171. What cloud security risk arises from over-permissive API Gateway policies?

A) Unauthorized API Access
B) Increased API request latency
C) Lower storage costs
D) Faster cloud provisioning

✅ Answer: A) Unauthorized API Access
💡 Explanation: If API Gateway policies allow excessive access, attackers can exploit weak configurations to retrieve or modify sensitive data.

172. What cloud attack involves an adversary manipulating timestamp-based authentication tokens?

A) Timestamp Manipulation Attack
B) OAuth Replay Attack
C) API Key Theft
D) DNS Hijacking

✅ Answer: A) Timestamp Manipulation Attack
💡 Explanation: Attackers manipulate timestamps in authentication tokens to extend session validity or gain unauthorized access.

173. What cloud vulnerability arises when an IAM role is assumed by unintended users or services?

A) IAM Role Hijacking
B) Clickjacking
C) DNS Poisoning
D) Secure Key Forgery

✅ Answer: A) IAM Role Hijacking
💡 Explanation: Poorly configured IAM roles can be exploited by attackers to gain unauthorized access to cloud services.

174. What is a risk of using cloud-based container registries without authentication?

A) Public Exposure of Sensitive Container Images
B) Increased network latency
C) Reduced storage performance
D) Faster container startup

✅ Answer: A) Public Exposure of Sensitive Container Images
💡 Explanation: Without authentication, container images can be pulled, modified, or exploited by unauthorized users.

175. What cloud attack involves manipulating ephemeral credentials used in temporary cloud workloads?

A) Temporary Credential Hijacking
B) Cloud Session Fixation
C) Secure API Spoofing
D) JSON Token Theft

✅ Answer: A) Temporary Credential Hijacking
💡 Explanation: If attackers compromise temporary credentials, they can escalate privileges and access sensitive cloud services.

176. What attack allows an adversary to exfiltrate sensitive cloud data through DNS queries?

A) DNS Tunneling Attack
B) OAuth Token Expiry Manipulation
C) Secure Token Hijacking
D) Cloud Rate Abuse

✅ Answer: A) DNS Tunneling Attack
💡 Explanation: Attackers encode sensitive data into DNS queries and responses to exfiltrate information without triggering network security alerts.

177. What security risk arises when cloud users expose sensitive environment variables in logs?

A) Environment Variable Leakage
B) Faster API responses
C) Reduced network latency
D) Improved encryption speed

✅ Answer: A) Environment Variable Leakage
💡 Explanation: Sensitive environment variables (e.g., API keys, passwords) should not be stored in logs, as attackers can extract them for unauthorized access.

178. What cloud attack involves modifying stored data without triggering integrity checks?

A) Data Integrity Manipulation Attack
B) OAuth Credential Abuse
C) Secure Token Spoofing
D) API Rate Limiting Bypass

✅ Answer: A) Data Integrity Manipulation Attack
💡 Explanation: If cloud storage lacks integrity verification, attackers can modify data without detection.

179. What cloud security risk arises when cloud-based CI/CD pipelines execute unverified scripts?

A) CI/CD Script Injection Attack
B) DNS Hijacking
C) API Token Spoofing
D) JSON Data Theft

✅ Answer: A) CI/CD Script Injection Attack
💡 Explanation: Poorly secured CI/CD pipelines can execute attacker-supplied scripts, leading to compromised deployments.

180. What is a risk of using default security settings in cloud infrastructure?

A) Predictable Security Configurations that Attackers Can Exploit
B) Improved network bandwidth
C) Lower cloud costs
D) Faster service provisioning

✅ Answer: A) Predictable Security Configurations that Attackers Can Exploit
💡 Explanation: Default security settings often have well-known vulnerabilities that attackers can exploit to gain unauthorized access.

181. What attack exploits cloud-native service misconfigurations to execute unauthorized functions?

A) Cloud Service Misconfiguration Exploitation
B) Cross-Site Request Forgery (CSRF)
C) Secure API Token Abuse
D) JSON Web Token (JWT) Forgery

✅ Answer: A) Cloud Service Misconfiguration Exploitation
💡 Explanation: Poorly secured cloud-native services allow attackers to execute unauthorized API requests or cloud functions.

182. What cloud attack takes advantage of shared virtualized resources to extract sensitive data?

A) Hypervisor Side-Channel Attack
B) SQL Injection
C) Cross-Tenant Data Exposure
D) OAuth Credential Theft

✅ Answer: A) Hypervisor Side-Channel Attack
💡 Explanation: Attackers can use shared CPU cache or memory to infer sensitive information from co-located cloud tenants.

183. What security risk arises when cloud environments lack proper egress controls?

A) Unauthorized Data Exfiltration
B) Improved cloud speed
C) Faster API authentication
D) Reduced encryption complexity

✅ Answer: A) Unauthorized Data Exfiltration
💡 Explanation: Without proper egress controls, attackers can send stolen data to external servers undetected.

184. What cloud attack involves manipulating time-synchronization services to bypass security policies?

A) NTP Spoofing Attack
B) Secure Token Hijacking
C) API Request Manipulation
D) JSON Encryption Abuse

✅ Answer: A) NTP Spoofing Attack
💡 Explanation: Attackers can manipulate Network Time Protocol (NTP) services to disrupt authentication and security policies.

185. What security risk arises when cloud administrators use weak SSH keys?

A) SSH Key Brute-Force Attack
B) DNS Tunneling
C) Secure API Spoofing
D) OAuth Session Hijacking

✅ Answer: A) SSH Key Brute-Force Attack
💡 Explanation: Weak SSH keys can be brute-forced, allowing attackers to gain access to cloud instances remotely.

186. What attack leverages cloud-based file-sharing services to distribute malware?

A) Cloud Malware Distribution Attack
B) API Token Theft
C) OAuth Credential Manipulation
D) Secure Key Expiry Bypass

✅ Answer: A) Cloud Malware Distribution Attack
💡 Explanation: Attackers upload malicious files to cloud-based file-sharing services, tricking users into downloading and executing them.

187. What security risk arises when users hardcode authentication credentials in cloud applications?

A) Hardcoded Credential Exploitation
B) API Rate-Limiting Abuse
C) DNS Cache Poisoning
D) Cloud Resource Exhaustion

✅ Answer: A) Hardcoded Credential Exploitation
💡 Explanation: If credentials are hardcoded in source code, attackers can extract them and gain unauthorized cloud access.

188. What attack manipulates API input validation mechanisms to bypass security restrictions?

A) API Input Validation Bypass Attack
B) JSON Web Token (JWT) Spoofing
C) Cloud OAuth Token Expiry Exploit
D) Secure Key Manipulation

✅ Answer: A) API Input Validation Bypass Attack
💡 Explanation: Poor input validation in APIs allows attackers to submit crafted requests to manipulate cloud service responses.

189. What cloud security risk arises when users neglect to revoke stale API tokens?

A) API Token Reuse Attack
B) DNS Tunneling
C) Cloud Rate-Limiting Exploit
D) Secure API Request Manipulation

✅ Answer: A) API Token Reuse Attack
💡 Explanation: Stale API tokens that are not revoked can be reused by attackers to access cloud resources.

190. What cloud attack involves intercepting session cookies in cloud applications?

A) Cloud Session Hijacking
B) DNS Cache Poisoning
C) JSON API Rate Abuse
D) Secure Token Replay

✅ Answer: A) Cloud Session Hijacking
💡 Explanation: If session cookies are not secured properly, attackers can intercept them and hijack active cloud sessions.

191. What cloud attack leverages misconfigured firewall rules to scan internal resources?

A) Internal Network Scanning Attack
B) OAuth Token Exploitation
C) Cloud API Abuse
D) DNS Cache Poisoning

✅ Answer: A) Internal Network Scanning Attack
💡 Explanation: Poorly configured firewall rules allow attackers to conduct network reconnaissance inside cloud environments, identifying exploitable services.

192. What security risk arises when cloud service providers have unrestricted access to customer data?

A) Insider Threat from Cloud Providers
B) Cloud Cryptojacking
C) Secure API Rate Abuse
D) Cloud Token Expiry Manipulation

✅ Answer: A) Insider Threat from Cloud Providers
💡 Explanation: If cloud providers have unrestricted access to customer data, malicious insiders or compromised accounts could lead to data breaches.

193. What cloud attack exploits vulnerabilities in shared memory resources between cloud tenants?

A) Cross-Tenant Memory Leakage Attack
B) Secure API Token Manipulation
C) DNS Cache Poisoning
D) OAuth Credential Expiry Exploit

✅ Answer: A) Cross-Tenant Memory Leakage Attack
💡 Explanation: If cloud tenants share memory, attackers may extract sensitive data from co-located virtual machines.

194. What is a major risk when public cloud storage containers are misconfigured?

A) Unauthorized Data Exposure
B) Increased file transfer speeds
C) Reduced storage costs
D) Faster API authentication

✅ Answer: A) Unauthorized Data Exposure
💡 Explanation: Misconfigured public cloud storage can lead to unauthorized access, allowing attackers to steal sensitive data.

195. What attack targets improperly secured backup and snapshot data in the cloud?

A) Backup and Snapshot Theft Attack
B) Secure File Manipulation
C) OAuth Session Replay
D) Cloud Resource Exhaustion

✅ Answer: A) Backup and Snapshot Theft Attack
💡 Explanation: If backups and snapshots are not encrypted or properly secured, attackers can extract sensitive historical data.

196. What security risk arises from cloud services using weak cryptographic algorithms?

A) Cryptographic Downgrade Attack
B) API Rate Limiting Bypass
C) Secure Token Theft
D) Cloud Rate Abuse

✅ Answer: A) Cryptographic Downgrade Attack
💡 Explanation: Attackers force cloud services to use weak encryption, making it easier to decrypt sensitive data.

197. What cloud attack involves compromising an organization’s Single Sign-On (SSO) system?

A) SSO Bypass Attack
B) API Token Spoofing
C) Cloud Token Expiry Manipulation
D) Secure Key Forgery

✅ Answer: A) SSO Bypass Attack
💡 Explanation: If an organization’s SSO system is compromised, attackers can gain access to multiple cloud applications with a single stolen credential.

198. What attack exploits cloud-native logging services to inject malicious payloads?

A) Log Injection Attack
B) DNS Cache Poisoning
C) OAuth Token Expiry Exploit
D) Secure API Rate Manipulation

✅ Answer: A) Log Injection Attack
💡 Explanation: Poorly sanitized log data can allow attackers to insert malicious payloads that execute commands or exfiltrate data.

199. What security risk arises when cloud services expose too many open ports?

A) Attack Surface Expansion
B) Faster API response time
C) Reduced encryption complexity
D) Increased network bandwidth

✅ Answer: A) Attack Surface Expansion
💡 Explanation: Excessive open ports make it easier for attackers to identify and exploit vulnerabilities in cloud-hosted services.

200. What cloud attack exploits unpatched software vulnerabilities in containerized applications?

A) Container Vulnerability Exploitation
B) OAuth Token Hijacking
C) DNS Tunneling
D) Secure API Token Theft

✅ Answer: A) Container Vulnerability Exploitation
💡 Explanation: If containerized applications are not patched, attackers can exploit known vulnerabilities to gain control over cloud workloads.

Cloud Security Threats – Common Attack Vectors – MCQ Questions