Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Consider a cloud based storage-as-a-service provider. It provides a storage serv

ID: 3860766 • Letter: C

Question

Consider a cloud based storage-as-a-service provider. It provides a storage service similar to Dropbox, where user files on their personal storage (e.g. laptop hard drives) are synchronized and saved in the cloud. 1. What is the attack surface of this storage service (i.e. where are the places the system (or user data) can be attacked?). 2. What are the assets in this system that should be protected? 3. Who can be the attacker and what capability can they have? (i.e. are they external or internal? What can an external attacker do? What can an internal attacker do? What is their motivation:?)

Explanation / Answer

1) What is the attack surface of this storage service (i.e. where are the places the system (or user data) can be attacked?).

Attack Surfaces are below

1) Cloud Storage/ Hard Drive/Physical Attack Surface ( Storage / Database area that can be compromised)

2) Communication/Network Attack Surface ( Network that is it is opearting can be compromised)

3) Software Attach Surface (software that is running can be compromised)

What are the assets in this system that should be protected?

Assets that are protected are below

1) Physical Storage/ Database Storage

2) Network Communication ( can be protected using secure network communication / HTTPS)

3) Software Program / Software Assets (like security keys)

Who can be the attacker and what capability can they have? (i.e. are they external or internal? What can an external attacker do? What can an internal attacker do? What is their motivation:?)

Attaccker can be anyone external or internal , external attacker can be hacker, and internal attacker can be any internal individual who wants to distrupt the security of company(e.g employee)

-> External attacker can snif the network traffic if it is unsecured then it will steal the information from network, external attacker can hack the internal system to gain the access to the system.

-> Internal attack always has the credentials so it might bring down the cloud server , exposes private assets outside etc.

Chhers :) Do upvote if you are satisfied.

Related Questions

Consider a circular, perfectly reflecting Solar sail that is initially at rest a
Question #1884907
Consider a circular-motion problem in which tension not only must provide the pr
Question #1413198
Consider a cirucuit made of two resistors of resistances r and R and a capacitor
Question #1772621
Consider a city dealing with a severe ozone problem. Ozone levels are initially
Question #1104748
Consider a city dealing with a severe ozone problem. Ozone levels are initially
Question #1104775
Consider a city that has a number of kebab stands operating throughout the downt
Question #1247939
Consider a city where the owners of vacant lots will vote on a proposed growth b
Question #1098900
Consider a city whose streets are defined by an n times m grid. We are intereste
Question #3886512
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Consider a cloud based storage-as-a-service provider. It provides a storage serv
Next
Consider a cloudless day when the sun shines down across the United States. If 2

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.