During the assessment of a client's cloud and on-premises environments, a penetration tester was able to gain ownership of a storage object within the cloud environment using the provided on-premises credentials.
Which of the following BEST describes why the tester was able to gain access?
Federation misconfiguration of the container can best explain how the penetration tester was able to gain access. Federation allows using the same credentials across different environments. If there is a federation misconfiguration, it can inadvertently grant access to resources in the cloud environment using on-premises credentials, leading to unauthorized access.
Key management has to do with encryption. Federation (Security) misconfiguration makes more sense as credentials were accidentally switched.
A. Federation misconfiguration of the container: Federation allows users to use the same credentials across different systems, such as on-premises and cloud environments. B. Key mismanagement between the environments: This refers to improper handling or sharing of cryptographic keys. While it could be a reason for unauthorized access, the scenario specifically mentions gaining access through on-premises credentials rather than keys. C. IaaS failure at the provider: An Infrastructure as a Service (IaaS) failure would typically imply a problem at the cloud provider’s end, affecting the availability or security of the infrastructure. However, this scenario points to an issue with credentials and configuration rather than a provider failure. D. Container listed in the public domain: This would mean the storage object is publicly accessible, but the scenario describes gaining access using on-premises credentials, which indicates a permission or configuration issue rather than public exposure.
A is correct. Another major way into cloud environments is through exploitation of misconfigured services. Although improperly set up or overly permissive identity and access management (IAM) is one of the most commonly leveraged weaknesses, federation configuration issues, insecure object storage in services like S3, or weak configuration in containerization services can all allow you to gain a foothold in a cloud environment. --CompTIA PenTest+ Study Guide: Exam PT0-002, 2nd Edition
A is correct. B would be correct if the tester had to penetrate a system to gain the credentials.
Just asked a Cloud Security expert. The answer is B. Storage object is not related to a container which is a virtual image
B. Key mismanagement between the environments
Going with B. Seems to be a hiccup between on-prem and cloud environments.
B. Key mismanagement between the environments