CompTIA PenTest+ (PT0-003) — Question 136

A penetration tester successfully gained access to manage resources and services within the company’s cloud environment. This was achieved by exploiting poorly secured administrative credentials that had extensive permissions across the network. Which of the following credentials was the tester able to obtain?

Answer options

• A. IAM credentials
• B. SSH key for cloud instance
• C. Cloud storage credentials
• D. Temporary security credentials (STS)

Correct answer: A

Explanation

The correct answer is A, IAM credentials, as they are specifically designed for managing access and permissions within cloud environments. The other options, such as SSH keys and cloud storage credentials, are not typically associated with administrative control over a cloud infrastructure's resources and services.