ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 451 discussion

Actual exam question from CompTIA's PT0-002
Question #: 451
Topic #: 1
[All PT0-002 Questions]

A penetration tester is testing a client's infrastructure and discovers an API that provides information about the infrastructure that can be used to configure or manage the instances. The penetration tester uses this API to obtain temporary credentials used to access the infrastructure. Which of the following types of attacks did the penetration tester use?

  • A. Direct-to-origin
  • B. Side-channel
  • C. Cloud malware injection
  • D. Metadata service
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by bigneal007 at April 11, 2025, 7:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bigneal007
1 week, 1 day ago
Selected Answer: D
the Metadata service is used to provide temporary credentials to applications to access S3 (storage) as well as other services. This provides attackers with a potential means of accessing APIs and may lead to other credential acquisition opportunities. CompTIA PenTest+ Study Guide
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago