Part 2: Cloud Misconfigurations and Attack Surface

1. Research and list 5 common cloud misconfigurations (e.g., overly permissive S3 buckets, default security group rules).

SOLUTION

Part 3: Threat Actor Profile

1. Research APT32 or APT41 (choose one). Include:
   • Their known tactics, techniques, and procedures (TTPs)
   • Countries/industries targeted
   • Malware/ransomware families they deploy (e.g., Cobalt Strike, ShadowPad, etc.)

SOLUTION

1. What kind of indicators of compromise (IOCs) would you monitor for?

SOLUTION

AWS Config Rule Assignments