CompTIA CASP+ (CAS-003) — Question 229

A security consultant is conducting a penetration test against a customer enterprise that comprises local hosts and cloud-based servers. The hosting service employs a multitenancy model with elastic provisioning to meet customer demand. The customer runs multiple virtualized servers on each provisioned cloud host.
The security consultant is able to obtain multiple sets of administrator credentials without penetrating the customer network. Which of the following is the MOST likely risk the tester exploited?

Answer options

• A. Data-at-rest encryption misconfiguration and repeated key usage
• B. Offline attacks against the cloud security broker service
• C. The ability to scrape data remnants in a multitenancy environment
• D. VM escape attacks against the customer network hypervisors

Correct answer: C

Explanation

The correct answer is C because in a multitenant environment, data remnants from other tenants can be accessed if proper isolation and security measures are not in place. Options A and B refer to different security issues that do not directly relate to the acquisition of credentials without network access. Option D describes a specific attack method that requires a breach of the hypervisor, which is not applicable if the tester obtained credentials externally.