1_3_1 Section 1 – Attacks, Threats, and Vulnerabilities - 1.3 – Application Attacks - Privilege Escalation

Questions and Answers

How can an attacker gain elevated rights on a system?

By running malicious software

By avoiding antivirus software

By exploiting a privilege escalation vulnerability (correct)

By always using the administrative account

What is privilege escalation vulnerability?

A flaw that only affects administrative accounts

A flaw that protects user resources

A flaw that allows a normal user to gain extended capabilities (correct)

A flaw in antivirus software

In what way can privilege escalation occur horizontally?

Gaining higher access levels than the root account

Using antivirus software effectively

Avoiding system patches

One user gaining access to the same resources as another user (correct)

What is a common preventive measure against privilege escalation?

Patching vulnerabilities quickly

What is the main reason for antivirus and anti-malware software to be aware of privilege escalation vulnerabilities?

To prevent malicious software from taking advantage of vulnerabilities

Why is it important to consider and address privilege escalation vulnerabilities swiftly?

They have a higher priority associated with them

What is one of the safeguards in place to prevent privileged escalation?

Memory randomization

Which vulnerability prevention technique blocks running applications from the data section of memory?

Data execution prevention

What impact does memory randomization have on attackers?

Prevents attackers from taking advantage of fixed memory locations

In the context of privileged escalation, what does CBE 2020-1530 refer to?

A specific vulnerability

Why is it crucial to ensure that operating systems have the latest security patches?

To prevent privileged escalation attacks

Which Windows operating systems are susceptible to the Windows Remote Access Elevation of Privileged Vulnerability?

Windows 7, 8.1, and 10

What is the main concern regarding privilege escalation vulnerabilities?

Gaining higher level access using normal user credentials

How is horizontal privilege escalation different from traditional privilege escalation?

It allows access to resources of users at the same level

Why are privilege escalation vulnerabilities considered high priority?

They can allow unauthorized elevated access

How can privilege escalation vulnerabilities be mitigated?

By timely patching and updates

In what scenario might a user exploit a horizontal privilege escalation vulnerability?

To gain access to resources of other users at the same level

What is the critical role of antivirus and anti-malware software in addressing privilege escalation vulnerabilities?

Detecting and stopping malicious software exploiting vulnerabilities

What security feature is implemented to prevent attackers from running applications from the data section of memory?

Data execution prevention

How does data execution prevention contribute to preventing privilege escalation?

By blocking the execution of applications from the data memory section

Which statement accurately describes the impact of memory randomization on attackers?

It hinders attackers from predicting the location of vulnerable memory addresses

In the context of the text, which scenario would indicate successful privilege escalation for an attacker?

Running a single program to gain elevated access

How does having the latest security patches on an operating system help mitigate privilege escalation vulnerabilities?

It provides protection against known security flaws and vulnerabilities

Which operating system was specifically mentioned to be susceptible to the Windows Remote Access Elevation of Privileged Vulnerability?

Windows 8.1

What does XSS stand for in the context of cross-site scripting?

Cross-Site Scripting

Why is cross-site scripting known as a vulnerability?

It enables sharing of information between different websites.

What is the main risk associated with non-persistent cross-site scripting attacks?

Disclosure of sensitive information to the attacker.

How do attackers exploit vulnerabilities in web-based applications for cross-site scripting?

By manipulating user input to execute scripts.

What is a common reason for developers to be cautious about handling user input in web applications?

To mitigate cross-site scripting vulnerabilities.

What makes JavaScript a potential tool for attackers in cross-site scripting attacks?

It can retrieve information from user browsers.

What issue did the individual face with the login token on the Subaru website?

The token never expired

Why is it cautioned against clicking links in emails?

To avoid cross-site scripting attacks

What risk is associated with the cross-site scripting vulnerability on the Subaru website?

Unauthorized access to user accounts

What suggestion is given regarding handling emails with links?

Visit websites directly instead of clicking links

How can developers help prevent cross-site scripting vulnerabilities on their websites?

Implement field validation on websites

What is recommended for users concerned about malicious JavaScript in emails?

Disable JavaScript or use security tools for managing it

What type of link does the attacker need the victim to click in a reflective cross-site scripting attack?

A specific link sent through email

What is a common payload that an attacker gathers from a victim's machine during a cross-site scripting attack?

Session IDs

Which type of cross-site scripting attack can be stored permanently on a server?

Persistent cross-site scripting

What happens when a user interacts with a stored cross-site scripting attack on a webpage?

The user's machine runs the malicious script.

What could an attacker gain access to by acquiring a victim's session ID information?

User credentials

In a reflective cross-site scripting attack, what typically happens when the victim clicks the malicious link?

An alert is shown on the victim's screen.

Why is reflective cross-site scripting different from stored cross-site scripting?

Reflective attacks target specific users.

What might an attacker embed at the end of a credit card number in a web application to execute a script?

.html JavaScript code snippet

How does a stored cross-site scripting attack spread among users?

By social media likes and shares

What was Aaron Guzman's contribution to understanding cross-site scripting vulnerabilities?

Discovered a security flaw on the Subaru website

What abbreviation is commonly associated with cross-site scripting?

XSS

Why is cross-site scripting referred to as a vulnerability?

It allows sharing information between websites

What type of vulnerability is a non-persistent cross-site scripting attack also known as?

Reflected

Why is it crucial for developers to prevent scripting vulnerabilities in web applications?

To protect against potential attacks

What can attackers achieve through a reflected cross-site scripting attack on a vulnerable website?

Gain access to users' session IDs

What common technology is exploited by attackers in conjunction with a vulnerable website in cross-site scripting attacks?

JavaScript

What allowed the individual to connect back to the Subaru website without having to log in with their username and password?

Security token

What risk did the individual face due to the non-expiring token on the Subaru website?

Privilege escalation

How could an attacker potentially exploit the cross-site scripting vulnerability on the Subaru website?

Inject malicious scripts

What is suggested as a practical option to manage the use of JavaScript on modern websites?

Disabling JavaScript entirely

How can website developers help mitigate cross-site scripting vulnerabilities on their sites?

Validating all website fields

Why is clicking links in emails cautioned against in the text?

To deter cross-site scripting attacks

What type of link does the attacker need the victim to click in a reflective cross-site scripting attack?

A link that triggers malicious scripts

Why might an attacker embed a script at the end of a credit card number in a web application?

To execute malicious scripts when the credit card number is processed

How does a stored cross-site scripting attack differ from a reflective attack?

Reflective attacks target individual users, stored attacks affect all visitors

What kind of information could an attacker acquire by obtaining a victim's session ID?

User credentials or session IDs

Why is it crucial to ensure that operating systems have the latest security patches?

To mitigate vulnerabilities that attackers could exploit

What is a common payload that an attacker often gathers from a victim's machine during a cross-site scripting attack?

Session IDs or user credentials

What typically happens when a user interacts with a stored cross-site scripting attack on a webpage?

The user's machine runs the malicious script automatically

What risk is associated with non-persistent cross-site scripting attacks?

Potential spread of malicious scripts over social media.

Why is cross-site scripting known as a vulnerability?

It allows attackers to inject and execute scripts on webpages.

What scenario indicates successful privilege escalation for an attacker?

An attacker elevates their own permissions without detection.