
The SecOps Group Certified Cloud Pentesting eXpert - Azure - CCPenX-Az Exam Questions
QUESTION NO: 1
Authenticate to Azure as a service principal using the credentials found in backup-config.json.
Correct Answer:
See the Answer in Explanation below.
Explanation:
Use az login --service-principal
Detailed Solution:
Command:
az login --service-principal \
-u c5fba7db-5e61-45bc-8944-3cd457bb19c2 \
-p '<client-secret>' \
--tenant 8f34c1de-1198-4c2a-b1a8-1eaa72f6e99a
Verify:
az account show --output json
Expected important field:
{
  "user": {
    "name": "c5fba7db-5e61-45bc-8944-3cd457bb19c2",
    "type": "servicePrincipal"
  }
}
This confirms you are authenticated as the App Registration/service principal.
QUESTION NO: 2
The App Service has a system-assigned managed identity enabled. Identify the managed identity principal ID.
Correct Answer:
See the Answer in Explanation below.
Explanation:
b72a4c19-92f6-47f3-b3dd-9db5a31831d1
Detailed Solution:
Run:
az webapp identity show \
--name finance-reporting-api \
--resource-group rg-prod-apps-eastus \
--output json
Expected output:
{
  "principalId": "b72a4c19-92f6-47f3-b3dd-9db5a31831d1",
  "tenantId": "8f34c1de-1198-4c2a-b1a8-1eaa72f6e99a",
  "type": "SystemAssigned"
}
The principalId is the service principal object ID of the managed identity.
Microsoft documents that managed identities provide Azure-managed identities for applications and eliminate the need to manage application secrets directly.
QUESTION NO: 3
During network reconnaissance of an Azure VM, you inspect its Network Security Group. Which inbound rule creates the highest risk?
Correct Answer: D
QUESTION NO: 4
The compromised service principal has Contributor access to a resource group but no direct Key Vault data-plane role. Can it immediately read Key Vault secret values?
Correct Answer: D




