Week 06: Assignment 06 - Cloud Computing Security Quiz Solutions"
Description:
This article provides solutions and detailed explanations for the Week 06 assignment of the NPTEL Cloud Computing course. Each question is analyzed, and the correct answer is provided, with reasoning to help learners understand the concepts behind cloud computing security.
1. Interception is considered as an attack on:
- Answer: (A) Confidentiality
- Reason: Interception involves unauthorized access to data while it's being transferred, which breaches confidentiality by exposing sensitive information to unauthorized parties.
2. Find the correct statement(s):
- Answer: (A) Different types of cloud computing service models provide different levels of security services.
- Reason: Different cloud service models (IaaS, PaaS, SaaS) offer varying security levels based on their scope and responsibilities, such as infrastructure, platform, or software services.
3. Which of the following is/are example(s) of passive attack?
- Answer: (C) Traffic analysis
- Reason: Passive attacks involve monitoring or eavesdropping on communication without altering it. Traffic analysis involves observing the patterns of communication without intercepting or changing the actual data.
4. Modification is considered as an attack on:
- Answer: (C) Integrity
- Reason: Modification refers to unauthorized changes or alterations to data, which affects its integrity by compromising its accuracy and reliability.
5. Spoofing is not an example of:
- Answer: (D) Usurpation
- Reason: Spoofing is a form of impersonation where an attacker pretends to be someone else. It is not an example of usurpation, which involves unauthorized control over a system.
6. Consider the following statements:
Statement I: Authorization is the identification of legitimate users.
Statement II: Integrity is the protection against data alteration/corruption.
- Answer: (B) Statement I is FALSE, and Statement II is TRUE.
- Reason: Authorization is about providing access rights to users, not identification. Integrity indeed protects against unauthorized data modification or corruption.
7. Access policy control refers to:
- Answer: (D) Man in the middle attack
- Reason: Access policy control involves implementing security measures that protect against unauthorized access, which includes preventing attacks like "Man in the Middle."
8. Which of the options is/are considered as the basic components of security?
- Answer: (A) Confidentiality
- Reason: The basic components of security are confidentiality, integrity, and availability, often referred to as the CIA triad.
9. Which of the following is/are not a type of passive attack?
- Answer: (B) Release of message contents
- Reason: Releasing message contents involves actively obtaining and possibly altering the message, thus making it an active attack rather than a passive one.
10. Side channel exploitation has the potential to extract RSA & AES secret keys:
- Answer: (A) True
- Reason: Side-channel attacks exploit physical information (like power consumption or electromagnetic emissions) to extract sensitive cryptographic keys like RSA and AES.
![BEU Syllabus : 1st Year Syllabus All Branches PDF 2023 [ME, CE, EE, ECE, CSE, EEE, IT]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGya1VH_oIzUE4qmmukK-nXYT6F910WvSYKyOJjCqK2ziAfr2-GZGtQ-6_vjA-vYMOvVUceVq57iEn1Jz35hnIcMmn_SzHh21qkVWTzZAi9hjksq60CcUJRcpO6vTMo3578iaWgpvyY1iiMSLaFS2VqKrQMFZo4mSF7-H_hKBx6GIYaDgSsXDujXeLmw/w680/BEUSyllabus-1.jpg.webp)
