Cloud 101
Who Owns Security?
Misconfiguration Madness
Attack Timeline
Cloudy With a Chance of Chaos
100

This is not a fluffy thing in the sky. In cybersecurity, it means using remote computing resources over the internet instead of owning all the hardware yourself.

What is cloud computing?

100

In the shared responsibility model, this side is like the landlord: it secures the physical building, hardware, data centers, and core infrastructure.

Who is the cloud provider?

100

Leaving this public is the cloud version of leaving a filing cabinet open on the sidewalk.

What is a public storage bucket / public cloud storage exposure?

100

In the typical vulnerability workflow, this stage comes after deployment and includes public exposure, weak IAM, risky tokens, or vulnerable components.

What is misconfigure access?

100

This cloud concept is basically the bouncer at the club: it decides who gets in and what they are allowed to do once inside.

What is identity / IAM?

200

This technology allows one physical server to be split into many virtual machines.

What is virtualization?

200

Which service model means the provider runs almost everything and the customer mainly just uses the application? A. IaaS B. PaaS C. SaaS D. Hybrid cloud

SaaS

200

This type of weakness happens when security settings are wrong, such as open ports, overprivileged identities, unsecured storage, or default credentials.

What is a cloud misconfiguration?

200

In the slideshow’s cloud vulnerability workflow, this is the “move fast” stage where a cloud service, app, bucket, API, or tool goes live.

What is deploy fast?

200

This is the cloud’s “apartment building” idea: different customers may share the same hardware, but they are supposed to stay isolated.

What is multi-tenancy?

300

 Which cloud building block decides who is allowed in and what they can do? A. Compute B. Storage C. Networking D. Identity

Identity

300

In this cloud service model, you rent the raw machines and manage the operating system and above.

What is IaaS?

300

This access problem happens when users or services have more permissions than they actually need.

What is overprivileged access / poor access management?

300

In the public cloud storage example, this is what allowed anyone with the URL to download files.

What are public bucket permissions?

300

This cloud feature lets resources spin up and down quickly, almost like ordering extra pizza when more guests arrive.

What is elasticity?

400

These are the four basic cloud building blocks from the slideshow: one runs programs, one holds data, one connects systems, and one decides access.

What are compute, storage, networking, and identity?

400

In the shared responsibility model, the customer is responsible for securing these four things from the slideshow.

What are access, configuration, data, and code?

400

Which of these is an example of poor access management? A. Enforcing MFA B. Least privilege C. No MFA on important accounts D. Private storage by default

C. No MFA on important accounts

400

DAILY DOUBLE: Kubernetes vulnerability mentioned in slideshow affected which component? 

ingress-nginx controller

400

If one compromised system should not be able to freely reach every other system, what control helps limit the blast radius?

Segmentation

500

Which deployment model combines public cloud and private cloud? A. Public cloud B. Private cloud C. Hybrid cloud D. SaaS cloud

Hybrid cloud

500

Why can cloud breaches still happen even if the provider secures the underlying infrastructure? A. Cloud has no security B. Customers still control access, configurations, data, and code C. Virtualization does not work D. SaaS removes all risk

B. Customers still control access, configurations, data, and code

500

Which vulnerability category means an organization may not detect suspicious activity because logs and alerts are missing or not centralized? A. Deficient logging and monitoring B. Virtualization C. Hybrid cloud D. Elasticity

A. Deficient logging and monitoring

500

LiteLLM AI Gateway Command Injection was dangerous because even a low-privileged API key could do what? A. Automatically encrypt all data B. Execute host commands C. Remove virtualization D. Convert IaaS into SaaS

Execute host commands

500

After an attacker exploits a cloud weakness, what was the slideshow’s remediation stage? (hint:  5 steps)

Patch, restrict access, rotate secrets, monitor, and prevent repeat mistakes

M
e
n
u