CEH v13 Domain 8.1 Practice Test 004

By /

This practice test covers Domain 8 (Cloud Computing) Subdomain 1 (Cloud Computing) from the CEH v13 (312-50v13) exam blueprint (v5).

These questions are inspired by the EC-Council CEH exam and are designed to help you test your knowledge of ethical hacking tools, techniques, and methodologies. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CEH exam.

Note: CEH and Certified Ethical Hacker are registered trademarks of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CEH practice tests based on specific domains and subdomains, click that link

CEH v13 Domain 8.1 Practice Test 004
10 questions • 8 single-answer, 2 multi-select
Question 1
Clark, a cloud architect, evaluates an offering where the provider manages the operating system, runtime, and middleware while customers only deploy their own code and data. He wants to classify this offering among the standard cloud delivery models. Which model is described?
    Question 2
    Jane, a DevOps engineer, isolates applications using lightweight units that share the host kernel instead of bundling a full guest operating system each time. She wants to name the technology that enables this efficient packaging. Which technology is she describing?
      Question 3
      Select all that apply
      Elijah, a security analyst, audits a public cloud tenant and finds objects readable by anyone on the internet, plus access keys hardcoded in a public code repository. He must categorize these findings using common cloud threat terms. Which two threats apply? (Choose two)
        Question 4
        A red team compromises a serverless function and queries the cloud metadata endpoint to retrieve temporary IAM role credentials. They reuse those tokens to pivot deeper into the account. What technique describes coercing the workload to fetch credentials from this internal endpoint?
          Question 5
          Kevin, an attacker, studies an application whose code executes only in response to events, with no persistent infrastructure for him to target between invocations. He wants to identify this execution model before planning event-injection attacks. Which computing model is this?
            Question 6
            An enterprise security team wants centralized visibility into misconfigurations, compliance drift, and risky permissions across dozens of cloud accounts. They evaluate a category of tooling built specifically for continuous posture monitoring. Which solution type best fits this need?
              Question 7
              Select all that apply
              Jane hardens a production cloud account after a breach and wants identity controls that limit blast radius and enforce minimal permissions. She narrows her shortlist to two foundational protections. Which two should she prioritize? (Choose two)
                Question 8
                A pentester gains code execution inside an isolated runtime and abuses a misconfigured privileged flag to break onto the underlying machine. He documents the impact of crossing this isolation boundary. What is this attack called?
                  Question 9
                  Clark phishes a cloud administrator and replays the stolen long-term API key to authenticate to the management console. He keeps access by minting additional keys under the victim identity. What primary weakness is being exploited here?
                    Question 10
                    An incident responder must reconstruct every API call made within an AWS account during a suspected breach window. She enables the native service that records account activity and management events for auditing. Which service provides this audit trail?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top