incident-response-trainer
Mock scenarios · Rule-based grading
CatalogOverviewSnapshot
← Back to catalog
Cloud InfrastructureeasyPublic Object-Storage ExposureHigh asset
Scenario

Public object-storage bucket exposed — customer files world-readable

A easy Cloud Infrastructure scenario on Public Object-Storage Exposure.

Practice this scenario

Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.

Launches this exact scenario. One of 2 templates in this Track + Difficulty pool.

catalog id · cloud-public-object-storage-exposure

Training alignment

What this scenario practices, mapped to recognized frameworks.

Educational mapping only. Not a compliance attestation.

What this trains
  • Reduce public exposure of cloud storage
  • Preserve access-log evidence and scope blast radius
MITRE ATT&CKmitre-attack
  • Data from Cloud Storage · CollectionT1530 · TA0009
    MappedHigh confidence

    Trains defensive triage when a storage bucket is left publicly readable and customer data could be collected.

MITRE D3FENDmitre-d3fend
  • Resource Access Policy AuditingD3-RAPA
    MappedHigh confidence

    Trains auditing and correcting the bucket access policy that exposed the data.

  • User Account PermissionsD3-UAP
    MappedMedium confidence

    Trains scoping the deploy service account that set the public policy.

NIST CSF 2.0nist-csf-2
  • Data Security · ProtectPR.DS · PR
    MappedHigh confidence

    Trains the data-security posture that keeps customer objects private.

  • Continuous Monitoring · DetectDE.CM · DE
    MappedHigh confidence

    Trains detection of a public-access change from posture monitoring and access logs.

NIST SP 800-61r3nist-sp-800-61r3
  • IR lifecycle phaseDetection & Analysis
    MappedHigh confidence

    Trains scoping which objects were exposed and actually read from access logs.

  • IR lifecycle phaseContainment, Eradication & Recovery
    MappedHigh confidence

    Trains making the bucket private and enabling account-wide public-access blocks.

CISA Cybersecurity Performance Goalscisa-cpg
  • Secure Sensitive Data2.I
    MappedHigh confidence

    Trains the sensitive-data baseline that keeps customer documents non-public.

  • Asset Inventory1.A
    MappedMedium confidence

    Trains knowing which buckets hold sensitive data so exposure is scoped fast.

CIS Controls v8cis-controls
  • Data ProtectionControl 3
    MappedHigh confidence

    Trains the data-protection control the exposure exercises.

  • Audit Log ManagementControl 8
    MappedMedium confidence

    Trains preserving the access logs that scope the read activity.