During a penetration test you find publicly hosted container images that embed AWS access keys. Attackers later leverage those keys to launch GPU instances for cryptomining, creating a massive bill for the victim. According to the CSA Top Threats list, which threat category best describes this situation?
This attack revolves around stolen cloud credentials. Once adversaries obtained the hard-coded AWS keys, they hijacked the account to provision costly resources. CSA classifies such credential theft and unauthorized resource manipulation as "Account or service hijacking." The other options focus on API weaknesses, denial-of-service aims, or intentional insider abuse, none of which match the scenario as closely.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are AWS access keys and why are they important?
Open an interactive chat with Bash
What is cryptomining and how do attackers misuse cloud resources for it?
Open an interactive chat with Bash
What measures can prevent embedded credentials from being leaked in container images?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Cloud Computing
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .