
Pass The SecOps Group Cloud Pentesting eXpert CCPenX-Az: Questions and Answers with CertsForce

Question # 1:

Carefully enumerate the accessible Azure Blob Container to locate a file containing credentials for an App Registration within the tenant. What is the Application/Client ID of the discovered App Registration?


Question # 2:

A compromised principal has permission to list role assignments. Identify which user has the User Access Administrator role at the resource group scope.


Question # 3:

Using the Azure access of the second compromised user, perform lateral movement within the environment to discover sensitive information. What is the flag uncovered during this activity?


Question # 4:

From inside the App Service environment, request an Azure Resource Manager token using the managed identity endpoint. Which resource value should be requested for Azure Resource Manager access?

Options:

A. https://graph.microsoft.com/
B. https://management.azure.com/
C. https://vault.azure.net/
D. https://storage.azure.com/

Question # 5:

After gaining access to the Azure tenant, enumerate all resource groups available to the compromised user. One resource group contains the word prod. What is the name of that resource group?


Question # 6:

The compromised service principal has Contributor access to a resource group but no direct Key Vault data-plane role. Can it immediately read Key Vault secret values?

Options:

A. Yes, Contributor includes secret read permissions
B. No, Contributor does not automatically grant Key Vault secret data-plane read
C. Yes, if the vault is in the same resource group
D. No, service principals cannot access Key Vault

Question # 7:

During App Service enumeration, you discover that the compromised user can read App Service application settings. Find the hidden flag stored in the application settings.


Question # 8:

You have been given a breached Azure user credential for an authorized lab tenant:

james.ward@cloudcorpsec.onmicrosoft.com

After logging in, identify the Azure Tenant ID and Subscription ID associated with the account.


Question # 9:

Using the previously retrieved credentials, authenticate as the App Registration within the tenant and enumerate potential lateral movement vectors. Which of the following roles is assigned to the App Registration?

Options:

A. Key Vault Secrets User
B. Cosmos DB Built-in Data Reader
C. Container Apps Reader Role
D. None of the above
