Welcome to this CEH v13 practice test!

This practice test covers Domain 8 (Cloud Computing) Subdomain 1 (Cloud Computing) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

CEH v13 Domain 8.1 Practice Test 001
10 questions • 8 single-answer, 2 multi-select
CEH v13 (312-50v13) • Domain 8: Cloud Computing — Sub-Domain 8.1: Cloud Computing
Question 1
A penetration tester is assessing a cloud environment and discovers that an Amazon S3 bucket is publicly accessible and allows listing of its contents. The bucket contains sensitive customer data. What is the primary security misconfiguration in this scenario?

Question 2
During a cloud security assessment, an ethical hacker discovers exposed API keys in a publicly accessible GitHub repository. These keys provide administrative access to a cloud environment. What type of vulnerability does this represent?

Question 3
An attacker gains access to a cloud instance and installs a cryptocurrency mining tool that consumes CPU resources continuously. The legitimate users notice degraded performance. What type of attack is this?

Question 4
A security engineer is reviewing cloud IAM policies and notices that a user has been granted '*' permissions across all services and resources. What is the primary risk associated with this configuration?

Question 5
A penetration tester discovers that a cloud-based web application is vulnerable to Server-Side Request Forgery (SSRF). The tester exploits this vulnerability to access the cloud instance metadata service. What is the likely goal of this attack?

Question 6
Select all that apply
An organization is securing its cloud environment. Which TWO best practices help mitigate risks associated with cloud misconfigurations? (Choose two)

Question 7
During a cloud penetration test, an attacker exploits weak security group rules that allow unrestricted inbound access on port 22 from any IP address. What vulnerability does this represent?

Question 8
A cloud administrator enables multi-factor authentication (MFA) for all user accounts. What is the primary security benefit of this control?

Question 9
An attacker exploits a misconfigured cloud database that allows access without authentication. The attacker downloads sensitive records. What type of issue does this represent?

Question 10
Select all that apply
A penetration tester is evaluating cloud API security. Which TWO attack techniques are commonly used to exploit insecure cloud APIs? (Choose two)
