Exam PT1-002 topic 1 question 110 discussion

I'm not sure but ( D ) make more sense .

The answer is D here since the clients are sharing the same physical resources

D That's correct.

I think it is Data flooding. If multiple companies are sharing the same physical resources and one company falls victim to a DDOS attack, the resources will be exhausted. Therefore, other companies will experience service issues as well.

Attacking the Cloud The cloud is vulnerable to the same types of attacks that affect many applications. An attack against a cloud delivery model such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) can result in a data breach. In addition to the financial impact of recovery fees and possible loss of intellectual property, a company that suffers from an attack can face fines, penalties, and legal action. As a result, it’s important to recognize the cloud computing infrastructure is susceptible to several types of attacks that include: Side-channel attacks: Also called a sidebar or implementation attack, this exploit is possible because of the shared nature of the cloud infrastructure, especially in a PaaS model. In this attack, the hardware leaks sensitive information such as cryptographic keys, via a covert channel, to a potential attacker.

D: Side Channel - makes the most sense. Cross-VM Cache Side Channel Attacks make it Vulnerable: One of the most sophisticated forms of attack is the cross-VM cache side channel attack that exploits shared cache memory between VMs. A cache side channel attack results in side channel data leakage, such as cryptographic keys. In cases where there exist shared hardware resources, the side channel attack exploits information obtained from the usage of, for example, Central Processing Unit (CPU) core and high level cache memory as opposed to exploiting theoretical weaknesses like the brute force attack. Ref: https://arxiv.org/pdf/1606.01356.pdf

This is D "Additionally, they may also be used against virtual machines (VMs) and in cloud computing environments where an attacker and target share the same physical hardware." https://www.techtarget.com/searchsecurity/definition/side-channel-attack#:~:text=Side%2Dchannel%20attacks%20can%20even,share%20the%20same%20physical%20hardware.

Answer is correct, link is dead but you can find the info on the following. https://www.alertlogic.com/blog/top-cloud-vulnerabilities/