Q1. A security analyst discovers that a cloud storage bucket containing customer data is accessible to anyone on the internet without authentication. No credentials were stolen and no vulnerability in any application was exploited. Which misconfiguration category does this represent?
Q2. Which of the following BEST describes the Verizon S3 data exposure incident in 2017?
Q3. A Linux system administrator wants to allow specific senior engineers to perform administrative tasks without sharing the root password or logging in directly as root. Which approach BEST implements this requirement?
Q4. A network engineer runs a packet capture on an internal management network and is able to read administrator usernames and passwords in cleartext. Which protocol is MOST likely responsible for this exposure?
Q5. The Mirai botnet primarily exploited which misconfiguration to compromise hundreds of thousands of IoT devices?
Q6. A security team conducts a firewall audit and discovers rules permitting inbound connections from an IP address range that was used by an acquired company, but the acquisition was unwound three years ago and those IP ranges are no longer in use. What risk does this create, and what is the correct action?
Q7. Match each misconfiguration to the security control that directly addresses it.
Select the answer that correctly pairs ALL four misconfigurations with their controls.
Select the answer that correctly pairs ALL four misconfigurations with their controls.
Match each item on the left with its correct control on the right:
Open S3 bucket
Telnet used for device management
IoT device with admin/admin credentials
Unrestricted direct root SSH login
A. Enable Block Public Access at account level; audit bucket ACLs
B. Disable PermitRootLogin in sshd_config; require sudo for elevation
C. Replace with SSH; block port 23 at the firewall
D. Change default credentials before deployment; never deploy with factory defaults
Click choices on the right to assign them to the items above.