PT0-003 Question #238: Real Exam Question with Answer & Explanation

Question

A penetration tester successfully gained access to manage resources and services within the company's cloud environment. This was achieved by exploiting poorly secured administrative credentials that had extensive permissions across the network. Which of the following credentials was the tester able to obtain?

Options

• AIAM credentials
• BSSH key for cloud instance
• CCloud storage credentials
• DTemporary security credentials (STS)

Explanation

Explanation

IAM (Identity and Access Management) credentials are the administrative accounts used to manage and control resources, services, and permissions across an entire cloud environment - making them the key to the kingdom when compromised. IAM credentials are specifically designed for broad, cross-service administrative control, which aligns perfectly with the description of "extensive permissions across the network."

Option B (SSH keys) are used to access specific cloud instances (virtual machines), not to broadly manage cloud resources and services - they're instance-level, not environment-level. Option C (Cloud storage credentials) grant access only to storage services like S3 buckets, not comprehensive resource management across the environment. Option D (Temporary security credentials/STS) are short-lived, time-limited tokens issued for specific tasks - they are inherently restricted and temporary, making them an unlikely match for "extensive permissions."

🧠 Memory Tip: Think of IAM = "I AM the admin" - IAM credentials represent the master administrative identity in cloud environments. If a scenario describes broad, persistent, cross-service cloud control being compromised, always think IAM first.

No community discussion yet for this question.