7. Cloud, Mobile, and IoT Security

Explanation: The National Institute of Standards and Technology (NIST) defined the essential characteristics of cloud computing as On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, and Measured service.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 11 in PDF)

Explanation: Default or blank username/passwords that are often hardcoded or left unchanged by administrators can expose the devices or cloud environments to various attacks including unauthorized access and data theft.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: kube-hunter is an open-source tool designed specifically to check the security posture of Kubernetes clusters. It helps to identify and resolve vulnerabilities which can be exploited by attackers.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 48 in PDF)

Explanation: Reverse engineering involves analyzing the compiled mobile app to understand its source code and underlying architecture, allowing attackers to manipulate the mobile device by compromising the operating system and performing actions such as rooting or jailbreaking the device.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 29 in PDF)

Explanation: As per the given text, SDKs are composed of tools and resources that aid in the creation of applications (either on-premises or in the cloud). On the other hand, CDKs assist developers and cloud consumers in deploying applications to the cloud and taking advantage of the resources that the cloud provider offers.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The underlining protocols used in a federated identity environment, such as SAML, OAuth, and OpenID, can be misconfigured by application developers. For example, a SAML assertion—an XML document sent by the identity provider to the service provider with user authorization—must contain a unique ID accepted by the application only once. If this isn’t implemented correctly, the attacker could replay a SAML message to create multiple sessions, manipulate the expiration date on an expired SAML message to make it valid again or alter the user ID to a different valid user.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 370 in PDF)

Explanation: According to the text, the NIST does not list ’Distributed storage’ as an essential characteristic of cloud computing. On-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service are listed as the essential characteristics.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: According to the NIST, the essential characteristics of cloud computing consist of on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Side-channel attacks typically focus on exfiltrating information that can give attackers direct benefits or more access to the system. This includes credentials, cryptographic keys, and other sensitive information, by measuring coincidental hardware emissions.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page PT0-002 in PDF)

Explanation: Certificate pinning is employed to restrict the mobile app to form connections only with a trusted/known server, referred to as ’pinning’ the server. This reduces reliance on external Certificate Authorities and minimizes the attack surface.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 72 in PDF)

Explanation: In the given text, cloud storage leaks are not mentioned as one of the common attack techniques against mobile devices, while sandbox analysis, using known vulnerable components, and reverse engineering are stated as common techniques.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Strong password encryption is not a misconfiguration in IoT devices and cloud-based solutions. It is rather a good security practice and therefore is the correct answer.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Burp Suite is a web application security tool that can be utilized to test mobile applications and determine how they communicate with web services and APIs.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 10 in PDF)

Explanation: Saving as little sensitive data as possible in a mobile device’s local storage helps minimize the amount of data that may be vulnerable to unauthorized access. When some sensitive data must be stored, using secure storage APIs and hardware-based strong encryption – if properly applied – can help secure that data.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 49 in PDF)

Explanation: Credential harvesting is the act of gathering and stealing valid usernames, passwords, tokens, PINs, and other types of credentials through various methods such as phishing and spear phishing attacks.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: According to NIST, the essential characteristics of cloud computing are On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured service.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 25 in PDF)

Explanation: Dagda is a set of open-source static analysis tools that can help detect vulnerabilities, Trojans, backdoors, and malware in Docker images and containers. It uses the ClamAV antivirus engine to detect malware and vulnerabilities.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Drozer is an Android testing platform and framework that provides access to various exploits which can be used to target Android platforms.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 74 in PDF)

Explanation: The text mentions abnormal sharing and downloading of files as an indicator of an account takeover, but it does not mention removal of files as a detection method.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: ’needle’ is an open-source framework primarily used to test the security of iOS applications during mobile penetration testing.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The passage explicitly mentions that attackers could change the expiration date on a SAML message to make it valid again, which could afford the attacker access to sensitive resources.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Insecure storage is listed as a prevalent vulnerability affecting mobile devices. Developers often do not use the secure storage APIs correctly. For example, the iOS Keychain is designed to securely store sensitive information, however, if not used correctly an attacker can figure out how keys are being created and stored in the keychain.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: An account takeover in the cloud can be detected in various ways, including the identification of malicious OAuth, SAML, or OpenID Connect connections. An attacker might create a rogue app that demands read, write, and send permissions for email SaaS solutions like Office 365 and Gmail. When the user provides permission for the app to connect and authenticate to these services, the attacker can then exploit it.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Hardcoded or default credentials are often left in place by administrators and in some cases by software developers, exposing devices or the cloud environment to different attacks. This makes them a common security misconfiguration in IoT and cloud-based solutions.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Metadata services in cloud computing, such as those implemented by Amazon Web Services, are primarily built to enable applications to query and obtain temporary access credentials for specific assets. This practice is aimed at reducing the security vulnerability associated with hard-coding credentials.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 85 in PDF)

Explanation: IoT devices, including sensors and gateways, have limited compute resources. As a result, some security features like encryption may not be supported.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: As specified in the given text, due to the limited compute resources, some IoT devices may not be able to support security features, including encryption.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Hyperjacking is a vulnerability that could allow an attacker to control the hypervisor, which in turn manages the entire virtual environment. This is typically achieved by installing a rogue, or ’fake,’ hypervisor that operates stealthily to avoid detection. Hyperjacking attacks can be launched in a number of ways, such as injecting a rogue hypervisor beneath the original one, or directly taking control of the original hypervisor.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Certificate pinning is a security measure used in mobile apps that associates the app with a particular digital certificate of a server. The idea is to force the mobile app to store the server certificate or public key and subsequently, the app will establish connections only to that trusted/known server. This method reduces the attack surface by removing the trust in external CAs, enhancing the security of the application.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 27 in PDF)

Explanation: Reverse engineering is the process of analyzing a compiled mobile app to extract information about its source code, which can be used to understand the underlying architecture of a mobile application and potentially manipulate the mobile device. This technique is often used by attackers to compromise the mobile device operating system and root or jailbreak mobile devices.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 36 in PDF)

Explanation: VM escape vulnerability allows an attacker to ’escape’ the VM and obtain access to other virtual machines on the system or access to the hypervisor.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Burp Suite is a tool that is commonly used to test mobile applications and determine how they communicate with web services and APIs. It is also a web application security tool used to perform security research.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Many IoT devices, including sensors and gateways, have limited compute resources. This lack of resources may result in some security features, including encryption, not being supported in IoT devices.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Anchore’s Grype is a tool designed for scanning container vulnerabilities. It can scan Docker images for known vulnerabilities.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 8 in PDF)

Explanation: Certificate pinning is a method used to associate a mobile app with a specific digital certificate of a server, hence forcing the mobile app to establish connections only to the trusted/known server. By pinning the server, the goal is to reduce the attack surface by removing the trust in external Certificate authorities (CAs).

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 101 in PDF)

Explanation: Default or blank usernames and passwords are often left in place by administrators or software developers, exposing devices and cloud environments to myriad attack vectors.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Designing and securing IoT systems present a number of complexities. These systems have challenging integration requirements as they must integrate a wide range of IoT edge devices with varying device constraints and with back-end business applications. In addition, IoT is expanding beyond the support capability of traditional IT stakeholders.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Certificate pinning in mobile devices is used to associate a mobile app with a specific digital certificate of a server. This is done to ensure that the app only establishes connections to the trusted/known server, thereby reducing the attack surface by removing trust in external CAs.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 12 in PDF)

Explanation: Bluetooth Low Energy (BLE) does not have a phase known as ’Long-term key storage’ when establishing a connection. The three-phase process includes Pairing feature exchange, Short-term key generation, and Transport-specific key distribution.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: A direct-to-origin (D2O) attack enables attackers to determine the origin network or IP address behind a content delivery network (CDN) or large proxy placed in front of web services in a cloud provider. With this information, attackers can bypass anti-DDoS mitigations, potentially resulting in significant impacts on the cloud service.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 75 in PDF)

Explanation: The text does not mention observing a sudden drop in user activity as a way to detect cloud account takeover attacks. The other options are all mentioned in the text.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 3 in PDF)

Explanation: Needle is an open-source framework used to test the security of iOS applications. It can be downloaded from https://github.com/FSecureLABS/needle.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 8 in PDF)

Explanation: The text explains that if the IAM solution of a cloud-based system is compromised, it can have severe consequences for the user. IAM systems are responsible for user and application authentication and authorization. If such a system is compromised, it means an attacker may have gained unrestricted access.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The passage states that some of the most common vulnerabilities in IoT implementations include hard-coded configurations and the use of outdated hardware and firmware. IoT vendors often sell products with hard-coded insecure configurations or credentials and many organizations continue to run outdated software and hardware in their IoT devices. Devices often lack a secure update mechanism.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 16 in PDF)

Explanation: An SDK is a collection of tools and resources to help with the creation of applications, both on premises and in the cloud. It often includes compilers, debuggers, and other software frameworks.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The text indicates that attackers use a method known as jailbreaking to bypass digital rights management, a type of privilege escalation. This is mostly common on Apple iOS-based mobile devices.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 29 in PDF)

Explanation: The management and orchestration of IoT systems introduce additional complexity due to disparate hardware and software, the use of legacy technologies, and, often, multiple vendors and integrators.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 67 in PDF)

Explanation: According to the NIST, the essential characteristics of cloud computing include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 32 in PDF)

Explanation: It is common for IoT devices to have hard-coded insecure configurations or credentials. This vulnerability can involve passwords, tokens, encryption keys, and more.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 89 in PDF)

Explanation: Horizontal privilege escalation occurs when a normal user accesses functions or content that are reserved for other normal users. For example, one user reading another’s email.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: One common security issue with IoT devices is that they often lack a secure update mechanism. Without the ability to update devices in a secure manner, outdated software and hardware can be left running, making them more vulnerable to attacks. This update issue is particularly problematic for devices located in remote or difficult-to-access locations, such as an oil rig in the middle of the ocean.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The passage mentions that managing and orchestrating IoT systems introduces additional complexity due to the use of disparate hardware and software, often involving multiple vendors and integrators.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 63 in PDF)

Explanation: According to the National Institute of Standards and Technology (NIST), the essential characteristics of cloud computing include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Modular architecture is not mentioned as a characteristic of cloud computing by NIST.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 41 in PDF)

Explanation: All the options listed – default/blank username/password, network exposure, lack of user input sanitization, underlying software vulnerabilities, and error messages and debug handling – represent common misconfigurations in IoT devices and cloud-based solutions.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Needle is an open-source framework used specifically to test the security of iOS applications.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 13 in PDF)

Explanation: Federated Authentication systems, which coordinate a user’s identity across different identity management systems, are often misconfigured. This can introduce security vulnerabilities by enabling various attacks, such as replaying a SAML message to create multiple sessions, or tampering with the expiry date on a SAML message to reactivate it.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 41 in PDF)

Explanation: Drozer is an Android testing platform and framework providing access to numerous exploits that can be used to attack Android platforms. Bettercap is a tool used to perform on-path attacks and Frida is a dynamic instrumentation toolkit for security researchers and reverse engineers. Hence, all of them can be utilized for performing mobile security research and testing.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page Page in PDF)

Explanation: Sandboxing is a security mechanism used to isolate applications from each other, and to limit what resources an application or process can access. It is designed to prevent potential security breaches or exploits, not enable them.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 11 in PDF)

Explanation: VM repository vulnerabilities involve attackers uploading counterfeit or impersonated VMs that contain malicious software and backdoors. Organizations that use these ready-made VMs inadvertently allow attackers to influence their systems, applications and data.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Security as a Service (SECaaS) is not considered a basic model of cloud computing according to NIST’s definitions. The basic models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 60 in PDF)

Explanation: The text does not mention ’network isolation’ as a common misconfiguration. Instead, it refers to ’network exposure’, where IoT systems are wrongly exposed to the internet, as a typical misconfiguration issue.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: IoT devices can indeed be manipulated by an attacker and used for sensitive data exfiltration. Given their connectivity and often inadequate security, these devices can serve as a vector for data theft.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Credential harvesting is often done via phishing and spear phishing attacks, in which the attacker sends an email that leads recipients to a mock website closely resembling a legitimate platform, such as Gmail, Office 365, or a social media site. When the unsuspecting user enters their login credentials, the credential harvesting attack takes place.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: In a cloud malware injection attack, the attacker creates a malicious application and injects it into a SaaS, PaaS, or IaaS environment. Once the malware injection is completed, the malware is executed as one of the valid instances running in the cloud infrastructure. Subsequently, the attacker can leverage this foothold to launch additional attacks.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 57 in PDF)

Explanation: Postman is mentioned in the passage as a tool used to test and develop APIs, making it vital to mobile device security testing.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 16 in PDF)

Explanation: Sandbox analysis refers to a potential attacker’s activities in examining the sandbox implementation of a mobile device with the aim of identifying possible ways to get around the access control mechanisms provided by the operating system or the mobile app developers.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 113 in PDF)

Explanation: Reverse engineering is a process where attackers analyze the compiled mobile app to understand its underlying architecture and potentially manipulate the mobile device. Through reverse engineering, attackers can compromise the mobile device’s operating system.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 175 in PDF)

Explanation: Falco is used as a threat detection engine for Kubernetes, not a container vulnerability scanner.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Burp Suite is a widely used tool for testing the security of web applications, including mobile apps. It’s especially adept at examining how applications interact with web services and APIs, thus making it a crucial tool for penetration testing.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 87 in PDF)

Explanation: Frida is a dynamic instrumentation toolkit that is specifically designed for security research and reverse engineering, making it the correct choice.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 11 in PDF)

Explanation: Needle is an open-source framework used to test the security of iOS applications as mentioned in the text.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The Baseboard Management Controller (BMC) in an IPMI subsystem has direct access to the system’s motherboard and other hardware. If the BMC is compromised, it can be leveraged to monitor, reboot, and even potentially install implants (or any other software) in the system. Access to the BMC is essentially equivalent to having physical access to the underlying system.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 27 in PDF)

Explanation: Platform as a Service (PaaS) provides everything needed for system development except the applications. It includes services for all phases of the systems development life cycle and application programming interfaces, website portals, or gateway software.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 32 in PDF)

Explanation: An objection biometric bypass attack is a type of attack that can be used to bypass the local authentication mechanisms in iOS and Android devices. This might happen when there are vulnerabilities in the integration of local authentication systems, potentially causing sensitive data exposure or full compromise of the mobile device.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 23 in PDF)

Explanation: High resilience against physical damage is not mentioned in the text as a special consideration for IoT security. The aspects that are mentioned include the fragile environment due to limited resources, the threat of DoS attacks, and the vulnerability to data corruption and exfiltration.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 444 in PDF)

Explanation: The text mentions that attackers commonly use phishing and spear phishing emails to gather and steal valid usernames, passwords, tokens, PINs, and other types of credentials. The attackers create a ’fake site’, which they make to appear like a legitimate cloud service, and trick users into entering their credentials.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: kube-bench is an open-source tool that performs a security assessment of Kubernetes clusters based on the CIS Kubernetes Benchmark. It helps in identifying potential security risks in the configuration and set up of the Kubernetes clusters.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 128 in PDF)

Explanation: As explained in the text, the Credential Harvester Attack Method involves stealing valid usernames, passwords, tokens, PINs, and any other types of credentials through infrastructure breaches, often via tactics such as phishing and spear phishing emails, or through fake websites impersonating legitimate services.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: If the Baseboard Management Controller (BMC) of an IPMI IoT implementation is compromised, it can provide the attacker with the ability to monitor, reboot, or potentially install malicious software into the system. This is because the BMC has direct access to the system’s motherboard and other hardware, meaning access to the BMC is basically the same as physical access to the underlying system.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 13 in PDF)

Explanation: The frequency of emails being sent from an account is not mentioned as a method to detect account takeover attacks. Methods mentioned include checking login location, failed login attempts, lateral phishing emails, suspicious OAuth, SAML or OpenID Connect connections, and abnormal file sharing and downloading behaviors.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 62 in PDF)

Explanation: The security layers that apply to containerized workloads include: The container image, Software inside the container, The host operating system, Interaction between containers and the host operating system, and Security in runtime environment and orchestration platforms such as Kubernetes.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Running containers with root privileges raises a security concern as the containers are just one vulnerability away from being fully compromised. This means that a security breach could result in an attacker gaining complete control over the container.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Encryption support on every device is actually a desirable security measure and not a vulnerability. Having encryption support can protect sensitive data and communications from being easily stolen by attackers.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 105 in PDF)

Explanation: A hyperjacking attack involves installing a rogue or fake hypervisor that can manage the entire virtual environment. The rogue hypervisor operates in a stealth mode, avoiding detection. The attack can be launched by injecting a rogue hypervisor underneath the original hypervisor or by directly controlling the original hypervisor, or by running the rogue hypervisor on top of an existing hypervisor.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: The text mentions that managing and orchestrating IoT systems is complex because of the disparate hardware and software involved, as well as the use of legacy technologies and often multiple vendors and integrators.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: Default credentials and insecure configurations are easily identifiable with searches on platforms like Shodan.io, and expose IoT devices to attackers who can take advantage of the known vulnerabilities.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 73 in PDF)

Explanation: Detecting an account takeover is often done through abnormal or suspicious activities. Checking for normal file sharing and downloading may not provide any hints towards a possible takeover.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 31 in PDF)

Explanation: Power consumption rates does not have a strong correlation with detection of a cloud account takeover. The text notes detection methods like determining login location, blocking failed login attempts, noting abnormal file sharing, and other activities that have a direct relation with account usage.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 26 in PDF)

Explanation: Misconfigured federated authentication (such as SAML, OAuth, and OpenID), can allow an attacker to replay a SAML message to create multiple sessions. They could also manipulate expiration dates on expired SAML messages or change the user ID to a valid user to gain unauthorized access.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)

Explanation: A directto-origin (D2O) attack refers to a technique used by attackers in order to discover the origin network or IP address behind a content delivery network (CDN) or a large proxy placed in front of web services within a cloud provider. This could potentially allow attackers to bypass various DDoS mitigation measures.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7-3 in PDF)

Explanation: Preventing vertical privilege escalation requires limiting the access rights of users so that they cannot access functions beyond their privilege level. This can be achieved by employing an access control system like User Account Control (UAC), which can restrict the privileges of a user unless authorized by an administrator.

Ref: CompTIA PenTest+ PT0-002 Cert Guide (Certification Guide) 2nd Edition

(Page 7 in PDF)