Artificial Intelligence and Data Science

Academic Year 2024 – 2025

Question Bank
Course Code / Name: CCS362 / SECURITY AND PRIVACY IN CLOUD

Year / Sem. / Sec: III / VI

UNIT – I – FUNDAMENTALS OF CLOUD SECURITY CONCEPTS

PART – A

D.L
Q.No Questions CO BT
(E/M/D)
1 List the five security services provided by cloud computing? CO1 R E

2 What are the two main types of cryptography?

CO1 R E
3 What are hash functions and how are they used in cloud security?
CO1 R E
4 Define digital signatures, and how are they used in cloud security?
CO1 R E
5 Define nonrepudiation.
CO1 R E
6 Compare cloud security vs. traditional network security.
CO1 U M
Compare symmetric-key cryptography and asymmetric-key
7
cryptography. CO1 U M
8 List the applications of cryptography.
CO1 R E
9 Define MAC.
CO1 R E
10 What is meant by access control and give its uses?
CO1 R E
Provide an example of how digital signatures are used in cloud
11
security. CO1 R M
12 What is the use of asymmetric cryptography in secure data sharing?
CO1 R M
13 What role does access control play in a multi-tenant environment?
CO1 R E
What is the basic difference between hash functions and digital
14
signatures? CO1 R M
15 List the use of asymmetric cryptography in secure data sharing.
CO1 R E
Recall the purpose of public-key cryptography and its primary use
16
cases in cloud environments. CO1 R M
Name the essential principles of access control and provide
17
examples of how they are implemented in cloud systems. CO1 R M
List the importance of access control in cloud security and how it
18
prevents unauthorized access to resources. CO1 R M
What is the role of digital signatures in ensuring non-repudiation in
19
cloud-based communication? CO1 R E
 Define the concepts of confidentiality, integrity, and authentication
20
in the context of cloud security. CO1 U M

PART – B

D.L
Q.No Questions M CO BT
(E/M/D)
Analyze the key security services essential for cloud computing
1
environments and their interactions. 16 CO1 AN M
Examine the role of confidentiality in cloud security, and describe the
2
techniques used to ensure it in cloud environments. 16 CO1 U E
Analyze the concept of data integrity within cloud security and assess
3
methods to maintain it in a cloud environment. 16 CO1 AN M
Explain the significance of authentication in cloud security, and describe
4 how various authentication methods differ and are similar in the context 16 CO1 U M
of cloud computing.
Analyze and define the concept of non-repudiation. Discuss its
5
implications for cloud security. 16 CO1 AN E
Apply your understanding of access control mechanisms in cloud
6
environments to discuss how they enhance cloud security. 16 CO1 AN E
Differentiate and apply the concepts of conventional and public-key
7 cryptography in cloud security contexts. What are their advantages and 16 CO1
AP M
specific use cases?
Explain the principles of cryptography in cloud security, and describe
8
how they are implemented to protect data in the cloud. 16 CO1 U M
Analyze the role of hash functions in cloud security, including their
9 AN M
strengths, limitations, and potential vulnerabilities in securing data. 16 CO1
Discuss how authentication and digital signatures are used in cloud
10 environments and how they help ensure data integrity and prevent denial 16 CO1 U M
of actions.

UNIT – II– SECURITY DESIGN AND ARCHITECTURE OF CLOUD

PART – A

D.L
Q.No Questions CO BT
(E/M/D)
1 Explain security in cloud computing.
CO2 R E
What is isolation in cloud computing, and why is it important?
2
CO2 R E
Why is network segmentation important for multi-tenancy and
3
security? CO2 R E
4 What techniques are used in obfuscation?
CO2 R E
5 What is the purpose of data redaction?
CO2 R E
6 Define tokenization.
CO2 R E
 7 Explain obfuscation.
CO2 R E
8 What are the key aspects of data virtualization?
CO2 R E
9 List the benefits of storage virtualization.
CO2 R E
10 Define Certificate Authority (CA).
CO2 R E
List the effectiveness of tokenization versus encryption for data
11
protection. CO2 R M
Why is data archiving necessary, and how can it be secured in the
12
cloud? CO2 R M
What steps would you take to mitigate API vulnerabilities in cloud
13
systems? CO2 R M
14 How does virtualization enhance security in cloud architectures?
CO2 R M
15 How would you secure virtual machines in a cloud environment?
CO2 R M
Differentiate between data encryption, tokenization, and data
16
redaction as strategies for data protection in the cloud. CO2 U D
Brief on common attack vectors and threats in cloud computing and
17
how they impact network and storage security. CO2 U D
How does the secure isolation strategies enhance security in a
18
multi-tenant cloud environment? CO2 R M
Give the significance of data retention, deletion, and archiving
19
procedures for tenant data in maintaining cloud security. CO2 U M
Name the components of end-to-end access control in a cloud
20
computing environment. CO2 R E

PART – B

D.L
Q.No Questions M CO BT
(E/M/D)
Analyze the key security design principles required for safeguarding
1
cloud computing environments. Explain in detail. 16 CO2 AN E
Examine the concept of comprehensive data protection within cloud
2 security. How can sensitive data be effectively analyzed for protection 16 CO2 AN M
throughout its lifecycle in the cloud?
Explain the importance of end-to-end access control in cloud computing,
3 and describe the strategies and technologies used to enforce it in cloud 16 CO2 U M
environments.
Identify and analyze common attack vectors and threats in cloud
4 computing. What analytical approaches can be taken to mitigate or 16 CO2 AN M
prevent these threats?
Categorize strategies for network and storage security in cloud
5 computing. What measures have been implemented to secure network 16 CO2 AP D
communications and protect stored data?
Discuss secure isolation strategies in cloud security, and outline how
6 measures can be implemented to ensure multi-tenancy environments 16 CO2 U E
are securely segregated to prevent unauthorized access.
 Describe virtualization strategies that enhance cloud security, and
7 explain how virtualization technologies can improve security and 16 CO2 U M
isolation in cloud environments.
Apply inter-tenant network segmentation strategies in cloud computing.
8 How can you effectively separate network traffic between different 16 CO2 AP D
tenants to ensure data privacy and security?
Discuss data protection strategies in the cloud, including data retention,
9 deletion, and archiving procedures for tenant data, and explain best 16 CO2 U M
practices for securely managing this data.
Analyse the application of various data protection techniques used in
10 cloud environments, such as encryption and tokenization. How can these
techniques be effectively utilized to enhance data security in the cloud? 16 CO2 AN M

UNIT – III– ACCESS CONTROL AND IDENTITY MANAGEMENT

PART – A

D.L
Q.No Questions CO BT
(E/M/D)
1 What are the components of role-based access control? CO3 R E

2 List the four types of role-based access control? E

CO3 R
3 Define RBAC. E
CO3 R
4 Define MULTI-FACTOR AUTHENTICATION (MFA). E
CO3 R
5 What are the key types of role-based access control? E
CO3 R
6 How does SSO (Single Sign-On) work? E
CO3 R
7 List its functions (identity providers). M
CO3 R
8 How is IDP used in cloud security?
CO3 R E
9 List the types of intrusion detection and prevention. M
CO3 R
10 What is Access Control in Cloud Infrastructure? E
CO3 R
11 What is the difference between Authentication and Authorization? CO3 M
R
12 Explain Single-Sign-On (SSO). CO3 U M
13 How does OS Hardening contribute to security?
CO3 R M
14 What is Verified and Measured Boot?
CO3 R M
15 What are Identity Providers (IdP)?
CO3 R E
How verified and measured boot helps ensure the integrity of a
16
cloud operating system? CO3 R E
Name the essential requirements for securing cloud infrastructure,
17
such as verified boot and OS hardening. CO3 R M
 List the key components of access control in cloud infrastructure,
18
including authentication, authorization, and user identification. CO3 R M
Identify and list the primary storage and network access control
19
options available in cloud environments. CO3 U E
Give the importance of OS hardening and minimization in
20
strengthening the security of cloud environments. CO3 R M

PART – B

D.L
Q.No Questions M CO BT
(E/M/D)
Explain the principles of Roles-Based Access Control (RBAC) in a cloud
1 environment, and describe how it can be used to manage resource 16 CO3 U M
access efficiently.
Discuss techniques to integrate Multi-Factor Authentication (MFA) into
2 an existing cloud infrastructure, and explain how to do so without 16 CO3 U E
disrupting the user experience.
Apply the steps to implement Single Sign-On (SSO) in a multi-cloud
3
setup, addressing interoperability and security concerns. 16 CO3 AP M
Illustrate secure interaction protocols between identity providers and
4
service consumers in a federated identity framework. 16 CO3 AP M
Apply OS hardening and minimization techniques to enhance the
5
security of cloud-based operating systems. 16 CO3 AP M
Model the implementation of secure and measured boot in a cloud
6
infrastructure. 16 CO3 AP M
Analyze a strategy for developing and deploying an intrusion detection
7
and prevention mechanism in a cloud environment. 16 CO3 AN M
Explain the access control requirements for cloud infrastructure, and
8 describe how they help ensure secure user access and protect 16 CO3 U M
resources.
Analyze the importance of user identification in access control. What
9 specific techniques and practices can be applied to uniquely identify 16 CO3 AN M
users within a cloud environment?
Discuss the concepts of authentication and authorization in cloud access
10 control, and explain the processes and mechanisms used to ensure
secure user authentication and authorization. 16 CO3 U M

UNIT – IV– CLOUD SECURITY DESIGN PATTERNS

PART – A

D.L
Q.No Questions CO BT
(E/M/D)
1 How does cloud bursting work? CO4 R E

2 Define secure external cloud.

CO4 R E
3 Define secure on-premise internet access.
CO4 R E
4 List some of the advantages of geotags in cloud security.
CO4 R E
 5 Explain cloud bursting U M
CO4
6 Explain geotagging. U M
CO4
7 What is meant by burst trigger?
CO4 R E
8 Why do we need geotags in cloud security?
CO4 R M
9 Define secure cloud interfaces.
CO4 R M
10 What are the benefits of implementing cloud bursting?
CO4 R M
What factors should be considered when designing secure cloud
11
interfaces? CO4 R M
What challenges are associated with cloud resource access
12
control? CO4 R M
13 How does secure on-premise internet access work?
CO4 R E
14 What are the benefits of implementing cloud bursting?
CO4 R E
15 Describe geo-tagging and its significance in cloud security.
CO4 R M
Explain cloud bursting and its benefits in managing workload spikes
16
securely. CO4 U M
Identify the components of secure cloud resource access control
17
and their roles. CO4 U M
Name the fundamental principles behind secure on-premise internet
18
access in cloud environments. CO4 R M
List the key cloud security design patterns and their primary
19
objectives. CO4 R M
Define cloud bursting and its benefits in managing workload spikes
20
securely. CO4 R M

PART – B

D.L
Q.No Questions M CO BT
(E/M/D)
Analyze the concept of design patterns. How do they contribute to
1
software development and architecture? 16 CO4 AN M
Describe the concept of cloud bursting, and explain how it supports
2 E
resource scaling in a hybrid cloud environment. 16 CO4 U
Analyze the role of geo-tagging in cloud computing and applications. List
3 AN E
the benefits it provides. 16 CO4
Discuss the significance of secure cloud interfaces in cloud security, and
4 explain the measures and protocols necessary for establishing secure 16 CO4 U M
communication between cloud services and clients.
Analyze the importance of cloud resource access control. What
5 mechanisms and techniques can be employed to enforce access control 16 CO4 AN M
policies for cloud resources?
Apply the concept of secure external cloud connectivity to establish
6
secure communication and data exchange between different cloud 16 CO4 AP M
 environments? What measures would you implement to ensure its
effectiveness?
Discuss the challenges and considerations in designing and
7 implementing secure cloud interfaces for multi-cloud environments, and 16 CO4 U M
explain how to address them.
Analyze the strategies and technologies that ensure secure on-premises
8 M
internet access, including VPNs, firewalls, and network segmentation. 16 CO4 AN
Discuss the key principles and practices of cloud resource access
9 control, and explain how organizations can enforce fine-grained access 16 CO4 U M
control policies across different types of cloud resources.
Analyze how organizations can ensure secure internet access from on-
premise systems. What strategies and technologies should be
10
established for secure connectivity between on-premise networks and 16 CO4 AN D
the internet?

UNIT – V– MONITORING, AUDITING AND MANAGEMENT

PART – A

D.L
Q.No Questions CO BT
(E/M/D)
1 Explain monitoring. Give its uses. CO5 U E

2 How does cloud monitoring work?

CO5 R E
3 State the uses of cloud monitoring.
CO5 U E
4 What is cloud Incident Response (IR)?
CO5 R E
5 List the cloud incident response framework.
CO5 R E
What are the types of monitoring for unauthorized access in cloud
6
security? CO5 R E
List five strategies to prevent unauthorized access in cloud
7
security. CO5 R E
What are the ways that malicious traffic can be used to attack
8
cloud environments? CO5 R E
How to protect the cloud environment from abuse of system
9
privileges? CO5 U E
10 Define tamper-proofing audit logs.
CO5 R E
How can organizations monitor for unauthorized access in cloud
11
environments? CO5 R M
What is the role of Security Information and Event Management
12
(SIEM) in cloud security? CO5 R E
13 What are common indicators of malicious traffic?
CO5 R E
What are some best practices for user and identity management in
14
cloud security? CO5 R E
How can organizations manage alerts generated from monitoring
15
systems? CO5 R E
List the key activities involved in proactive monitoring of cloud
16
systems, including auditing and event management. CO5 U E
 Define the purpose of incident response in mitigating security
17
breaches in cloud environments. CO5 R E
Identify and list the components of a secure user management
18
framework and their roles in cloud security. CO5 R M
Recall the significance of generating and managing audit records
19
for compliance and security purposes. CO5 R E
Name the primary functions of a Quality of Services (QoS) strategy
20
in maintaining secure cloud management. CO5 R E

PART – B

D.L
Q.No Questions M CO BT
(E/M/D)
List and discuss on proactive activity monitoring, and its importance in
1
maintaining the security of a system or network. 16 CO5 AP E
Explain the concept of incident response. What are the key components
2
of an effective incident response plan? 16 CO5 U M
Discuss how organizations can monitor for unauthorized access and
3 detect malicious traffic within their systems or networks, and explain the 16 CO5 AP M
methods used in detail.
Analyze the significance of monitoring and detecting abuse of system
4 privileges. List the measures can be implemented to identify and mitigate 16 CO5 AN M
such abuse.
Discuss the role of events and alerts in security monitoring, and explain
5 how organizations can effectively manage and respond to security- 16 CO5 U E
related events and alerts.
Describe the role of auditing in maintaining system security. List the
6 essential aspects of auditing, such as record generation, reporting, and 16 CO5 AP M
management.
Explain how organizations can ensure the tamper-proofing of audit logs,
7 and categorize the techniques and practices that can be used to prevent 16 CO5 U M
unauthorized modification or deletion of audit logs.
Classify the importance of Quality of Services (QoS) in cloud computing.
8 How can organizations ensure that the required level of QoS is 16 CO5 AN M
maintained while providing secure and reliable services?
Analyze and explain the concept of secure management in the context
9 of cloud computing. What are the key considerations and practices for 16 CO5 AN M
securely managing cloud services?
Discuss Security Information and Event Management (SIEM), and
10 explain how SIEM contributes to security monitoring, event correlation, 16 CO5 U E
and threat detection in complex IT environments.

Faculty HoD Dean-Academics Principal

*M – Marks CO – Course Outcome *BT – Blooms Taxonomy Level

*D.L – Difficulty Level (E- Easy, M-Medium, D-Difficult)