CEH v13 Domain 8.1 Practice Test 003

By /

This practice test covers Domain 8 (Cloud Computing) Subdomain 1 (Cloud Computing) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CEH practice tests based on specific domains and subdomains, click that link

CEH v13 Domain 8.1 Practice Test 003
10 questions • 8 single-answer, 2 multi-select
Question 1
Clark, a red team operator targeting a healthcare organization's AWS environment, notices he can enumerate and download files from a storage bucket by appending known path conventions to the base URL without receiving any credential prompts. He downloads thousands of patient records and documents the finding as a critical exposure. Which cloud misconfiguration is the root cause?
    Question 2
    Kevin, a bug bounty hunter testing a cloud-hosted e-commerce application, crafts a specially formed HTTP request that tricks the application's server into fetching a well-known internal URL used by hyperscalers to expose instance credentials. He receives a JSON response containing temporary access keys, role ARNs, and region information. Which attack technique did Kevin leverage?
      Question 3
      Jane, a penetration tester who has gained initial access to a containerized microservices environment, identifies that one workload was deployed with a flag that disables all Linux security restrictions and grants it unrestricted access to the host kernel. She exploits this condition to write a cron job directly onto the underlying host filesystem, achieving persistence outside the container boundary. Which container vulnerability did Jane exploit?
        Question 4
        Elijah, a cloud security analyst reviewing his organization's AWS configuration, discovers that a developer account has been assigned an inline policy granting wildcard actions across all resources with no conditional restrictions. An attacker who compromises this account could enumerate, modify, and delete any cloud resource in the environment. Which cloud security principle was violated that led to this excessive permission assignment?
          Question 5
          An enterprise DevSecOps team conducting a red team exercise against a serverless application discovers that user-supplied input is being passed directly into an OS command executed within an AWS Lambda function without sanitization. They craft a payload that terminates the legitimate command and appends a reverse shell instruction, establishing a callback to their command-and-control server. Which attack was demonstrated?
            Question 6
            Select all that apply
            Kevin, a cloud penetration tester, is assessing a target organization's AWS infrastructure and needs to enumerate IAM permissions, identify misconfigured storage buckets, and map exposed services across the cloud environment. His engagement scope allows active testing against the cloud control plane. Which two tools are commonly used for cloud infrastructure enumeration and attack during a CEH engagement? (Choose two)
              Question 7
              A forensic analyst investigating an unusual spike in cloud computing costs discovers that multiple compromised container instances are running at maximum CPU utilization and connecting outbound to a pool URL on port 3333. The traffic pattern and CPU usage correlate with a well-known class of financially motivated attacks against cloud infrastructure. Which type of cloud threat did the analyst identify?
                Question 8
                A security researcher testing a multi-tenant cloud environment discovers a vulnerability in the hypervisor layer that allows code executing inside a guest virtual machine to read memory belonging to a neighboring tenant's instance. She demonstrates the leak by recovering cryptographic key material from an adjacent VM running on the same physical host. Which cloud-specific attack category does this represent?
                  Question 9
                  Select all that apply
                  A penetration tester assigned to a cloud security assessment wants to identify attack vectors unique to cloud infrastructure that differentiate it from traditional on-premises environments. The client uses a major public cloud provider with exposed management APIs and default instance configuration. Which two techniques are considered cloud-specific threats by CEH? (Choose two)
                    Question 10
                    A threat actor who has compromised a CI/CD pipeline discovers that every pod in a production Kubernetes cluster has been deployed with a default service account token that grants cluster-wide administrative access. By querying the Kubernetes API from within a compromised pod, the attacker enumerates all secrets, escalates to cluster admin, and deploys a backdoor container. Which Kubernetes misconfiguration is the primary enabler?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top