035_Cloud-specific Vulnerabilities – CompTIA Security+ –

They are air-gapped from the internet

They only support Linux environments

They run on blockchain platforms

They use zero trust architecture

Unpatched systems with serious vulnerabilities

10%

25%

33%

76%

91%

It breaks encryption by default

It forces apps to shut down during maintenance

It increases exposure to global threats

It limits access to only internal users

It prevents users from accessing services

Bluejacking attacks

Brute force on local printers

Man-in-the-middle in offline mode

Physical tampering of routers

Remote Code Execution (RCE)

ARP spoofing

Cross-Site Scripting (XSS)

Fileless malware

Signal jamming

VPN leakage

Cookie Poisoning

DNS Tunneling

Drive-by Download

MAC Flooding

SQL Injection

BlueKeep

Heartbleed

Log4j

PrintNightmare

WannaCry

Cloud apps are globally accessible

Cloud apps are rarely backed up

Cloud services use firewalls only

They can bypass two-factor authentication

They only target mobile applications

Access restricted memory

Change Wi-Fi passwords

Disable cloud billing

Modify MAC addresses

Spoof IP addresses

Cloud service outages

Firewall misconfiguration

IP address leakage

Increased bandwidth costs

Vulnerability to critical CVEs