CompTIA PenTest+ (PT0-002) — Question 227
During the assessment of a client's cloud and on-premises environments, a penetration tester was able to gain ownership of a storage object within the cloud environment using the provided on-premises credentials.
Which of the following BEST describes why the tester was able to gain access?
Answer options
- A. Federation misconfiguration of the container
- B. Key mismanagement between the environments
- C. IaaS failure at the provider
- D. Container listed in the public domain
Correct answer: A
Explanation
The correct answer is A because a misconfiguration in the federation could allow on-premises credentials to access cloud resources. Options B, C, and D do not directly address the issue of credential misuse across environments, making them less likely explanations for the tester's access.