Misconfig
IAM
Network
Data
Real World
100

What is open to the world?

0.0.0.0/0

100

What is having too many permissions?

Overprivileged

100

What is a cloud firewall?

Security Group

100

What is encryption at rest?

Stored encrypted  

100

What causes most breaches?

Human error

200

What is the risk of public storage?

Data exposure  

200

What is the best practice for access control?

Least privilege

200

What is the risk of port 22 being open?

SSH exposure

200

What is encryption in transit?

HTTPS

200

What is your responsibility in cloud security?

in a shared responsibility model your data is your responsibility

300

What is the default cloud storage setting?

Private  

300

What is the issue with shared accounts?

No accountability

300

What does a private subnet mean?

No public access  

300

What is a public bucket?

publicly accessible storage

300

What is the risk of fast deployment?

Misconfiguration

400

What is the #1 cloud risk?

Misconfiguration  

400

What does MFA protect?

accounts + access attempts

400

 What is the risk of a public IP?

Direct exposure  

400

What is the purpose of backups?

Recovery

400

What tool is used for cloud auditing?

CSPM / config scanner

500

What enforces secure configurations?

Policies / Guardrails  

500

What is the rule for root account usage?

Root is used for break-glass only

500

What is the best way to control SSH access?

Restrict IP / VPN

500

What is the rule for sensitive data?

Never public

500

What should be fixed first in a breach?

Exposure  

M
e
n
u