312-50V13 · Question #263
Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails and distributed custom-made malware to compromise use
The correct answer is A. Cloud hopper attack. Cloud Hopper Attack Explained Why A is Correct: A Cloud Hopper attack specifically targets Managed Service Providers (MSPs) as an entry point to reach their downstream customers. Attackers compromise the MSP's infrastructure, then "hop" from the MSP's privileged access into the t
Question
Options
- ACloud hopper attack
- BCloud cryptojacking
- CCloudborne attack
- DMan-in-the-cloud (MITC) attack
How the community answered
(17 responses)- A76% (13)
- B6% (1)
- C6% (1)
- D12% (2)
Explanation
Cloud Hopper Attack Explained
Why A is Correct: A Cloud Hopper attack specifically targets Managed Service Providers (MSPs) as an entry point to reach their downstream customers. Attackers compromise the MSP's infrastructure, then "hop" from the MSP's privileged access into the target organization's cloud environment - exactly what Alice did by infiltrating the MSP, stealing customer data, and using it to attack the final target.
Why the Distractors Are Wrong:
- B (Cloud Cryptojacking): This involves hijacking cloud computing resources to mine cryptocurrency - there's no cryptomining activity in this scenario.
- C (Cloudborne Attack): This targets vulnerabilities in bare-metal cloud infrastructure/firmware, allowing attackers to persist through server reassignments - not relevant here.
- D (MITC Attack): This exploits cloud synchronization tokens (like OAuth tokens) to intercept data between users and cloud services - Alice used spear-phishing and MSP access, not token hijacking.
Memory Tip: Think of "Cloud Hopper" as a stepping stone attack - the attacker hops through an MSP (the middleman) to reach the real target, like using a lily pad to cross a pond. If you see MSP + pivot to customer = Cloud Hopper.
Topics
Community Discussion
No community discussion yet for this question.