Question 1easymultiple choice
Read the full Cloud Application Security explanation →CCSP Cloud Application Security • Complete Question Bank
Complete CCSP Cloud Application Security question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "203.0.113.0/24"
}
}
}
]
}
```Refer to the exhibit.
```
apiVersion: v1
kind: Pod
metadata:
name: web-app
spec:
containers:
- name: web
image: nginx:latest
securityContext:
runAsUser: 1000
runAsGroup: 3000
allowPrivilegeEscalation: false
ports:
- containerPort: 80
```Refer to the exhibit. ``` [ERROR] 2025-03-01 12:34:56,789 - myapp - CRITICAL - SQL Injection detected on endpoint /api/login Input: ' OR '1'='1 ```
Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-secure-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "203.0.113.0/24"
}
}
}
]
}
```Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789012:role/MyAppRole"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*"
},
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::my-bucket/uploads/*"
}
]
}
```Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Application security
Platform security
Infrastructure security
Full stack security
Drag a concept onto its matching description — or click a concept then click the description.
European Union data protection
US healthcare information privacy
Payment card industry security
US financial reporting controls
Refer to the exhibit. Exhibit: Error: Error creating API Gateway v2: BadRequestException: Failed to create route because the requested route key is already in use status code: 400, request id: c6a1b2c3-d4e5-f6a7-b8c9-d0e1f2a3b4c5 Cause: The route key '/api/orders' already exists in the API.
Refer to the exhibit.
Exhibit:
JSON Policy (AWS S3 bucket policy):
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::myapp-data/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/8"
}
}
},
{
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::myapp-data/*"
}
]
}Refer to the exhibit.
Exhibit:
CloudTrail log (JSON):
{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"arn": "arn:aws:iam::123456789012:user/app-admin",
"accountId": "123456789012"
},
"eventSource": "ec2.amazonaws.com",
"eventName": "RunInstances",
"resources": [
{
"resourceType": "AWS::EC2::Instance",
"resourceName": "i-0abcdef1234567890"
}
],
"userAgent": "console.amazonaws.com",
"sourceIPAddress": "203.0.113.50",
"responseElements": {
"instancesSet": {
"items": [
{
"instanceId": "i-0abcdef1234567890",
"imageId": "ami-0c55b159cbfafe1f0"
}
]
}
}
}Refer to the exhibit.
```
{
"Policy": {
"PolicyName": "S3ReadOnlyAccess",
"PolicyId": "ANPAY6TVEXAMPLE",
"Arn": "arn:aws:iam::123456789012:policy/S3ReadOnlyAccess",
"Path": "/",
"DefaultVersionId": "v3",
"AttachmentCount": 0,
"PermissionsBoundaryUsageCount": 0,
"IsAttachable": true,
"CreateDate": "2021-01-01T12:00:00Z",
"UpdateDate": "2021-06-01T12:00:00Z"
}
}
```Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "192.0.2.0/24"
}
}
}
]
}
```Refer to the exhibit.
```
resource "aws_security_group" "web_sg" {
name = "web-sg"
description = "Security group for web servers"
vpc_id = aws_vpc.main.id
ingress {
description = "HTTP from VPC"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["10.0.0.0/8"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
```Error: Exception in thread "main" java.lang.SecurityException: Unauthorized access
at com.cloudapp.auth.TokenValidator.validate(SourceFile:112)
at com.cloudapp.api.ApiGateway.handleRequest(SourceFile:45)
Caused by: com.cloudapp.auth.InvalidTokenException: Token expired at 2024-11-20T10:30:00Z
at com.cloudapp.auth.JwtParser.parse(SourceFile:78)