PT0-003
Attacks and Exploits
medium
Question 3 of 34

A penetration tester is performing an IAM misconfiguration assessment in an AWS environment and discovers that an IAM user has the policy AdministratorAccess attached directly. Why is this a significant security finding?

AIt prevents MFA enforcement for the account
BIt grants full access to all AWS services and resources, violating the principle of least privilege
CIt allows the account to bypass CloudTrail logging
DIt enables the account to disable AWS Shield

More Attacks and Exploits Questions

34 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which attack technique involves capturing a user's authentication hash and using it directly to auth...

easy

A penetration tester is testing a web application login form and suspects it may be vulnerable to SQ...

medium

During a network penetration test, a tester performs a VLAN hopping attack using double tagging. Wha...

medium

A penetration tester has gained initial access to a Linux system and wants to escalate privileges. R...

hard

A penetration tester is conducting a web application test and identifies that the application reflec...

medium
View all Attacks and Exploits questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account