Cloud X (owned by Cloud Provider X) provides Physical Server A which hosts VirtualServers A and B. Virtual Server B hosts Ready-Made Environments A and B. CloudService Consumer A uses Virtual Server A as part of an IaaS leasing agreement in whichCloud Consumer A is charged a fixed monthly fee for unlimited access. Cloud ServiceConsumers B and C use Ready-Made Environments A and B respectively as part of aPaaS leasing agreement based on per-minute usage fees. In both cases, access is monitored via Pay-For-Use Monitor A, which keeps track of log-in and log-out times in order to calculate the usage charges that are billed to Cloud Consumers B and C.Physical Server A begins to become unstable. Over the course of a 24 hour period, the server shuts down three times, taking down Virtual Servers A and B with it. This causes numerous problems for Cloud Service Consumers A, B and C, which lose connections and encounter a variety of exceptions.A subsequent investigation of the log files generated by Pay-For-Use Monitor A reveals that the three server crashes coincided with the usage periods of Ready-Made Er n'ronment B b> Cloud Service Consumer B. De 'elopers at the Cloud Consumer 3 organization confirm they did not actually log in during those periods, which leads CloudProvider X to discover that another cloud service consumer has been posing as CloudService Consumer B in order to maliciously access Ready-Made Environment B, VirtualServer B, and Physical Server B on Cloud X. The investigation concludes that the malicious cloud service consumer was able to carry out the attack successfully by obtaining a weak password being used by developers from Cloud Consumer B.Which of the following statements accurately identifies the type of security threat that corresponds to the described attack - and -provides a solution that can directly mitigate this type of security threat within Cloud X?
Cloud X Owned B 1 (114.08 KiB) Viewed 77 times
A. Ready-Made Environment
B. Virtual Server B and Physical Server B were subjected to a weak authentication attack that can be mitigated by implementing the encryption and digital signature mechanisms.
B. Ready-Made Environment
B. Virtual Server B and Physical Server B were subjected to a malicious intermediary attack that can be mitigated by implementing the cloud-based security groups and hardened virtual server images mechanisms.
C. Ready-Made Environment B, Virtual Server B and Physical Server B were subjected to a virtualization attack that can be mitigated by implementing the encryption and digital signature mechanisms.
D. Ready-Made Environments, Virtual Server B and Physical Server B were subjected to an attack that succeeded due to overlapping trust boundaries. This type of attack can be mitigated by implementing the single sign-on mechanism.
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!