live chatMcAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Pass4Test 10%OFF Discount Code

The SecOps Group Certified Cloud Pentesting eXpert - Azure - CCPenX-Az Exam Questions

QUESTION NO: 1
Authenticate to Azure as a service principal using the credentials found in backup-config.json.
Correct Answer:
See the Answer in Explanation below.
Explanation:
Use az login --service-principal
Detailed Solution:
Command:
az login --service-principal \
-u c5fba7db-5e61-45bc-8944-3cd457bb19c2 \
-p ' < client-secret > ' \
--tenant 8f34c1de-1198-4c2a-b1a8-1eaa72f6e99a
Verify:
az account show --output json
Expected important field:
{
" user " : {
" name " : " c5fba7db-5e61-45bc-8944-3cd457bb19c2 " ,
" type " : " servicePrincipal "
}
}
This confirms you are authenticated as the App Registration/service principal.
QUESTION NO: 2
The App Service has a system-assigned managed identity enabled. Identify the managed identity principal ID.
Correct Answer:
See the Answer in Explanation below.
Explanation:
b72a4c19-92f6-47f3-b3dd-9db5a31831d1
Detailed Solution:
Run:
az webapp identity show \
--name finance-reporting-api \
--resource-group rg-prod-apps-eastus \
--output json
Expected output:
{
" principalId " : " b72a4c19-92f6-47f3-b3dd-9db5a31831d1 " ,
" tenantId " : " 8f34c1de-1198-4c2a-b1a8-1eaa72f6e99a " ,
" type " : " SystemAssigned "
}
The principalId is the service principal object ID of the managed identity.
Microsoft documents that managed identities provide Azure-managed identities for applications and eliminate the need to manage application secrets directly.
QUESTION NO: 3
During network reconnaissance of an Azure VM, you inspect its Network Security Group. Which inbound rule creates the highest risk?
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
The compromised service principal has Contributor access to a resource group but no direct Key Vault data- plane role. Can it immediately read Key Vault secret values?
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).