ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT1-002 All Questions

View all questions & answers for the PT1-002 exam
Go to Exam

Exam PT1-002 topic 1 question 54 discussion

Actual exam question from CompTIA's PT1-002
Question #: 54
Topic #: 1
[All PT1-002 Questions]

A company is concerned that its cloud VM is vulnerable to a cyberattack and proprietary data may be stolen. A penetration tester determines a vulnerability does exist and exploits the vulnerability by adding a fake VM instance to the IaaS component of the client's VM. Which of the following cloud attacks did the penetration tester MOST likely implement?

  • A. Direct-to-origin
  • B. Cross-site scripting
  • C. Malware injection
  • D. Credential harvesting
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by rogal at Nov. 28, 2021, 3:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tokhs
Highly Voted 3 years, 8 months ago
Shouldnt be D?
upvoted 8 times
...
BinarySoldier
Highly Voted 3 years, 6 months ago
Selected Answer: D
I will take credential harvesting. Direct-to-Origin (D2O) is all about DDoS. Since the Pentester sort cloned the legit cloud VM, looks like this was a ruse to collect credentials from users who would attempt logins into the fake VM thinking it's the collect one.
upvoted 6 times
...
maigoya
Most Recent 1 year ago
Selected Answer: C
The attack described—adding a fake VM instance to the IaaS environment—most closely matches the concept of malware injection because it involves introducing unauthorized elements into the environment. While the term "malware injection" traditionally refers to injecting malicious software, in the context of this scenario, adding a fake VM can be seen as injecting an unauthorized or fake element into the system.
upvoted 1 times
...
afazaeli
1 year, 7 months ago
C is the answer, since Inserting fake VM means using the Malware injection! on other hand Harvesting is a direct targeting. so, I will go with the C!!!
upvoted 1 times
...
jp2137
2 years, 8 months ago
Selected Answer: D
this exam is so fricking dumb
upvoted 4 times
...
RVP20
3 years, 6 months ago
Again One of the stupid questions from Comptia!!! I'm not sure but i think between C & D.
upvoted 1 times
[Removed]
3 years, 4 months ago
I say C is closer, imo
upvoted 1 times
...
...
rogal
3 years, 8 months ago
in my opinion the right answer is C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel