Effective CISSP Questions

Traditional cloud computing no longer meets the demands of high-performance computing from the ever-growing mobile and IoT devices. Edge computing offloads those computing requirements by placing edge servers and devices close to the user and origin of data, or as the last mile, to provide location-aware, bandwidth-sufficient, real-time, and low-cost services. Which of the following is the least common attack to the edge servers or devices?
A. DDoS attack
B. Side-channel attack
C. Malware Injection attack
D. Meet-in-the-middle attack

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Meet-in-the-middle attack.

The meet-in-the-middle attack (MITM) is a cryptographic attack. Edge computing systems are more often subject to for types of attacks:

  1. DDoS attacks
  2. Side-channel attacks
  3. Malware Injection attacks
  4. Authentication and Authorization attacks

The Meet-in-the-middle Attack (MITM)

The meet-in-the-middle attack (MITM) is a generic space-time tradeoff cryptographic attack against encryption schemes that rely on performing multiple encryption operations in sequence.

The MITM attack is the primary reason why Double DES is not used and why a Triple DES key (168-bit) can be bruteforced by an attacker with 256 space and 2112 operations.

Source: Wikipedia

Edge Computing Technologies

Lanner posted an article, on November 18, 2019, that introduced five Edge Computing Technologies as follows:

  1. Multi-Access Edge Computing
  2. Fog Computing
  3. Cloudlets
  4. Micro Data Centers
  5. Cloud of Things

General Architecture of Edge Computing



My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.

傳統的雲計算(Cloud Computing)不再能滿足日益增長的移動和物聯網設備對高性能計算的需求。 邊緣計算(Edge Computing)通過將邊緣服務器和設備放置在靠近用戶和數據源的地方或最後一哩路(the last mile)來減輕這些計算需求,從而提供位置感知,帶寬充足,實時和低成本的服務。 以下哪項是對邊緣服務器或邊緣設備的最不常見的攻擊?
A. DDoS attack
B. Side-channel attack
C. Malware Injection attack
D. Meet-in-the-middle attack

1 thought on “CISSP PRACTICE QUESTIONS – 20200826

Leave a Reply