CompTIA PenTest+ (PT0-002) — Question 310

During an assessment, a penetration tester was able to get access on all target servers by attempting authentication using a service account key that was published on the intranet site as part of a standard procedure. Which of the following should the penetration tester recommend for this type of finding?

Answer options

• A. Password encryption
• B. Role-based access control
• C. Secrets management solution
• D. Time-of-day restrictions

Correct answer: C

Explanation

The correct answer is C, as a secrets management solution can help securely store and manage sensitive information like service account keys, preventing unauthorized access. Options A and B do not specifically address the issue of exposed service keys, and D is not relevant to the core problem of securing sensitive credentials.