Credential Exposure — CompTIA Security+ (SY0-701) Practice Questions
Credential exposure occurs when usernames, passwords, API keys, or other authentication secrets are leaked through insecure storage, transmission, or misconfiguration, giving attackers a path to impersonate legitimate users. SY0-701 covers scenarios such as passwords stored in plaintext, credentials transmitted over cleartext protocols, hard-coded secrets in source code, and breached credential databases used in credential stuffing attacks. Candidates must understand protective controls including password hashing with strong algorithms, multi-factor authentication, privileged access management, and monitoring for suspicious login activity. Credential exposure is a leading cause of breaches and connects to identity and access management objectives throughout the exam.
Free questions on credential exposure
More credential exposure questions in the full bank
- During a cloud migration project, a security team discovers that the migrated application stores database credentials in plaintext in configuration files within the container images. The credentials are the same across development, test, and production environments. What is the most significant risk this creates?