CompTIA PenTest+ PT0-002 Practice Question

The correct answer is 'Metadata service attack'. This type of attack takes advantage of open access to the metadata service, which often contains sensitive information, such as credentials or signed tokens that can be used to escalate privileges or move laterally within the cloud infrastructure. A 'Misconfigured cloud assets' answer does not describe a specific type of attack but rather a condition that could lead to multiple types of attacks. The 'Privilege escalation' answer can be a result of a successful metadata service attack but is not directly the method of exploiting the misconfigured service itself. 'Account takeover' refers to gaining control over another user's cloud account, which is not immediately achievable through exploiting the metadata service alone.