Crucial Exams

CompTIA PenTest+ PT0-002 Practice Question

In a red team exercise against a company's cloud infrastructure, you discover that the Elastic Compute Cloud (EC2) instances are configured to allow any attached role to access the instance metadata service without restrictions. With this misconfiguration in mind, what sophisticated technique should be used to carry out an attack that leverages the instance metadata service to gain escalated privileges within the cloud environment?

  • Execute a Direct-to-Origin attack by accessing the instance metadata service directly to retrieve security credentials for IAM role escalation.

  • Perform a VLAN hopping attack to bypass network segmentation and access the metadata service from a compromised instance within the same VLAN.

  • Use NTLM relay attacks to capture authentication details and replay them against the metadata service for escalated cloud privileges.

  • Engage in Kerberoasting to steal Kerberos tickets from the EC2 instances and gain access to the metadata service.

CompTIA PenTest+ PT0-002
Attacks and Exploits
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
SAVE $49
CompTIA PenTest+ Voucher (PT0-002)
$404.00 $355.00
Bash, the Crucial Exams Chat Bot
AI Bot