This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 2.5 of Cloud Threats and Attack Vectors
20 multiple-choice questions on cloud threats, attacks and privacy.
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
AWS IMDSv2 Documentation
Official AWS documentation on IMDSv2, session tokens, and enforcement methods.
Capital One Breach — Court Documents Analysis
US DOJ press release and indictment providing technical details of the SSRF-to-IMDS attack.
OWASP SSRF Prevention Cheat Sheet
OWASP guidance on preventing SSRF at the application layer.
AWS GuardDuty Finding: InstanceCredentialExfiltration
GuardDuty finding types for IAM credential theft and exfiltration.
Quadrant 4 · Self-Assessment
Cloud Threats, Attacks and Privacy
CSA Top 10, SSRF/IMDS, IMDSv2, EDoS, man-in-the-cloud, STRIDE, MITRE ATT&CK for Cloud, and data residency.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.