Examice

Exam 312-49v10 All QuestionsBrowse all questions from this exam

Question 361

Robert, a cloud architect, received a huge bill from the cloud service provider, which usually doesn't happen. After analyzing the bill, he found that the cloud resource consumption was very high. He then examined the cloud server and discovered that a malicious code was running on the server, which was generating huge but harmless traffic from the server. This means that the server has been compromised by an attacker with the sole intention to hurt the cloud customer financially. Which attack is described in the above scenario?

XSS Attack

DDoS Attack (Distributed Denial of Service)

Man-in-the-cloud Attack

EDoS Attack (Economic Denial of Service)

Correct Answer: D

The scenario describes an attack where a malicious code is running on a cloud server, generating huge but harmless traffic with the intention of financially hurting the cloud customer by increasing their bill. This type of attack is known as an Economic Denial of Service (EDoS) attack. EDoS aims to exploit the cloud's resource billing system by consuming excessive computational power and storage, leading to significant financial costs for the victim.

Discussion

jjweustOption: D

I can see the case for D. CFHI V10 Manual on Economic Denial of Service pg 770. "The payment method employed in a cloud system is based on the “no use, no bill” policy; the CSP charges customers according to the data recorded when customers make requests, the duration of requests, amount of data transfer in the network, and the number of CPU cycles consumed. Economic denial of service destroys the financial resources; in the worst case, this could lead to customer bankruptcy or other severe economic impact. If an attacker deploys a malicious service or executes malicious code on a cloud system that consumes a significant amount of computational power and storage from the cloud server, the legitimate account holder is liable for paying for such consumption unless the service provider finds the primary cause of CPU usage."

hisham

correct

diomayaOption: D

From EC Council V10 book: Economic denial of service destroys the financial resources; in the worst case, this could lead to customer bankruptcy or other severe economic impact. If an attacker deploys a malicious service or executes malicious code on a cloud system that consumes a significant amount of computational power and storage from the cloud server, the legitimate account holder is liable for paying for such consumption unless the service provider finds the primary cause of CPU usage. Cloud

vrocheOption: D

I disagree with the answer. I think right one is D. EDoS Attack (Economic Denial of Service), mainly because DDoS implies "distributed" and there is just one system involved in.

aqeel1506Option: D

D. EDoS Attack (Economic Denial of Service) The textbook explains that an EDoS attack focuses on causing financial harm by exploiting cloud resources, resulting in high costs for the victim. The attacker generates excessive traffic or resource consumption to increase the cloud service provider's bill, affecting the victim economically.