CompTIA PenTest+ (PT0-002) — Question 17

A penetration tester logs in as a user in the cloud environment of a company.
Which of the following Pacu modules will enable the tester to determine the level of access of the existing user?

Answer options

• A. iam_enum_permissions
• B. iam_prive_sc_scan
• C. iam_backdoor_assume_role
• D. iam_bruteforce_permissions

Correct answer: A

Explanation

The correct answer is A, iam_enum_permissions, as it specifically enumerates the permissions associated with the user, allowing the tester to understand their access level. The other options do not directly address the assessment of current user permissions; for example, B focuses on privilege escalation scans, C is about assuming roles, and D pertains to brute-forcing permissions.