CompTIA
CAS-003 · Question #629
CAS-003 Question #629: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #629. The question stem and answer options stay visible for context.
Enterprise Security Architecture
Question
A security consultant is conducting a penetration test against a customer enterprise local comprises local hosts and cloud-based servers. The hosting service employs a multitenancy model with elastic provisioning to meet customer demand. The customer runs multiple virtualized servers on each provisioned cloud host. The security consultant is able to obtain multiple sets of administrator credentials without penetrating the customer network. Which of the following is the MOST likely risk the tester exploited?
Options
- AData-at-rest encryption misconfiguration and repeated key usage
- BOffline attacks against the cloud security broker service
- CThe ability to scrape data remnants in a multitenancy environment
- DVM escape attacks against the customer network hypervisors
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#cloud multitenancy#data remnants#VM isolation#cloud security