ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 177 discussion

Actual exam question from CompTIA's PT0-002
Question #: 177
Topic #: 1
[All PT0-002 Questions]

A penetration tester is testing a web application that is hosted by a public cloud provider. The tester is able to query the provider's metadata and get the credentials used by the instance to authenticate itself. Which of the following vulnerabilities has the tester exploited?

  • A. Cross-site request forgery
  • B. Server-side request forgery
  • C. Remote file inclusion
  • D. Local code inclusion
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Random_Mane at Dec. 7, 2022, 1:23 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
RRabbit_111
Highly Voted 9 months, 2 weeks ago
Selected Answer: B
B. Server-side request forgery Server-side request forgery (SSRF) is an attack vector that allows an attacker to access internal resources that are not normally accessible from outside the network. In this case, the penetration tester has exploited this vulnerability by querying the provider's metadata to get the credentials that the instance is using to authenticate itself.
upvoted 7 times
...
nickwen007
Highly Voted 8 months ago
Server-side request forgery is a type of attack in which the attacker sends malicious requests to a server on behalf of a legitimate user. This can be used to gain access to data or stimulate certain actions on the server. The attacker exploits weaknesses in the web application or server architecture to carry out this attack.
upvoted 6 times
...
cy_analyst
Most Recent 7 months ago
Selected Answer: B
SSRF occurs when an attacker can send a crafted request to a server that results in the server making a request to a third-party resource specified by the attacker.
upvoted 2 times
...
2Fish
9 months ago
Selected Answer: B
Yup.. its B.
upvoted 3 times
...
Random_Mane
11 months ago
Selected Answer: B
SSRF is the answer
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago