1_3_1 Section 1 – Attacks, Threats, and Vulnerabilities - 1.3 – Application Attacks - Privilege Escalation

Questions and Answers

How can an attacker gain elevated rights on a system?

• By running malicious software
• By avoiding antivirus software
• By exploiting a privilege escalation vulnerability (correct)
• By always using the administrative account

What is privilege escalation vulnerability?

• A flaw that only affects administrative accounts
• A flaw that protects user resources
• A flaw that allows a normal user to gain extended capabilities (correct)
• A flaw in antivirus software

In what way can privilege escalation occur horizontally?

• Gaining higher access levels than the root account
• Using antivirus software effectively
• Avoiding system patches
• One user gaining access to the same resources as another user (correct)

What is a common preventive measure against privilege escalation?

Patching vulnerabilities quickly (B)

What is the main reason for antivirus and anti-malware software to be aware of privilege escalation vulnerabilities?

To prevent malicious software from taking advantage of vulnerabilities (D)

Why is it important to consider and address privilege escalation vulnerabilities swiftly?

They have a higher priority associated with them (A)

What is one of the safeguards in place to prevent privileged escalation?

Memory randomization (C)

Which vulnerability prevention technique blocks running applications from the data section of memory?

Data execution prevention (C)

What impact does memory randomization have on attackers?

Prevents attackers from taking advantage of fixed memory locations (A)

In the context of privileged escalation, what does CBE 2020-1530 refer to?

A specific vulnerability (C)

Why is it crucial to ensure that operating systems have the latest security patches?

To prevent privileged escalation attacks (C)

Which Windows operating systems are susceptible to the Windows Remote Access Elevation of Privileged Vulnerability?

Windows 7, 8.1, and 10 (B)

What is the main concern regarding privilege escalation vulnerabilities?

Gaining higher level access using normal user credentials (C)

How is horizontal privilege escalation different from traditional privilege escalation?

It allows access to resources of users at the same level (A)

Why are privilege escalation vulnerabilities considered high priority?

They can allow unauthorized elevated access (B)

How can privilege escalation vulnerabilities be mitigated?

By timely patching and updates (B)

In what scenario might a user exploit a horizontal privilege escalation vulnerability?

To gain access to resources of other users at the same level (D)

What is the critical role of antivirus and anti-malware software in addressing privilege escalation vulnerabilities?

Detecting and stopping malicious software exploiting vulnerabilities (A)

What security feature is implemented to prevent attackers from running applications from the data section of memory?

Data execution prevention (B)

How does data execution prevention contribute to preventing privilege escalation?

By blocking the execution of applications from the data memory section (D)

Which statement accurately describes the impact of memory randomization on attackers?

It hinders attackers from predicting the location of vulnerable memory addresses (A)

In the context of the text, which scenario would indicate successful privilege escalation for an attacker?

Running a single program to gain elevated access (C)

How does having the latest security patches on an operating system help mitigate privilege escalation vulnerabilities?

It provides protection against known security flaws and vulnerabilities (D)

Which operating system was specifically mentioned to be susceptible to the Windows Remote Access Elevation of Privileged Vulnerability?

Windows 8.1 (D)

What does XSS stand for in the context of cross-site scripting?

Cross-Site Scripting (B)

Why is cross-site scripting known as a vulnerability?

It enables sharing of information between different websites. (C)

What is the main risk associated with non-persistent cross-site scripting attacks?

Disclosure of sensitive information to the attacker. (C)

How do attackers exploit vulnerabilities in web-based applications for cross-site scripting?

By manipulating user input to execute scripts. (C)

What is a common reason for developers to be cautious about handling user input in web applications?

To mitigate cross-site scripting vulnerabilities. (D)

What makes JavaScript a potential tool for attackers in cross-site scripting attacks?

It can retrieve information from user browsers. (D)

What issue did the individual face with the login token on the Subaru website?

The token never expired (B)

Why is it cautioned against clicking links in emails?

To avoid cross-site scripting attacks (D)

What risk is associated with the cross-site scripting vulnerability on the Subaru website?

Unauthorized access to user accounts (C)

What suggestion is given regarding handling emails with links?

Visit websites directly instead of clicking links (B)

How can developers help prevent cross-site scripting vulnerabilities on their websites?

Implement field validation on websites (B)

What is recommended for users concerned about malicious JavaScript in emails?

Disable JavaScript or use security tools for managing it (A)

What type of link does the attacker need the victim to click in a reflective cross-site scripting attack?

A specific link sent through email (B)

What is a common payload that an attacker gathers from a victim's machine during a cross-site scripting attack?

Session IDs (A)

Which type of cross-site scripting attack can be stored permanently on a server?

Persistent cross-site scripting (A)

What happens when a user interacts with a stored cross-site scripting attack on a webpage?

The user's machine runs the malicious script. (C)

What could an attacker gain access to by acquiring a victim's session ID information?

User credentials (A)

In a reflective cross-site scripting attack, what typically happens when the victim clicks the malicious link?

An alert is shown on the victim's screen. (B)

Why is reflective cross-site scripting different from stored cross-site scripting?

Reflective attacks target specific users. (D)

What might an attacker embed at the end of a credit card number in a web application to execute a script?

.html JavaScript code snippet (B)

How does a stored cross-site scripting attack spread among users?

By social media likes and shares (A)

What was Aaron Guzman's contribution to understanding cross-site scripting vulnerabilities?

Discovered a security flaw on the Subaru website (B)

What abbreviation is commonly associated with cross-site scripting?

XSS (D)

Why is cross-site scripting referred to as a vulnerability?

It allows sharing information between websites (B)

What type of vulnerability is a non-persistent cross-site scripting attack also known as?

Reflected (D)

Why is it crucial for developers to prevent scripting vulnerabilities in web applications?

To protect against potential attacks (A)

What can attackers achieve through a reflected cross-site scripting attack on a vulnerable website?

Gain access to users' session IDs (A)

What common technology is exploited by attackers in conjunction with a vulnerable website in cross-site scripting attacks?

JavaScript (B)

What allowed the individual to connect back to the Subaru website without having to log in with their username and password?

Security token (C)

What risk did the individual face due to the non-expiring token on the Subaru website?

Privilege escalation (B)

How could an attacker potentially exploit the cross-site scripting vulnerability on the Subaru website?

Inject malicious scripts (B)

What is suggested as a practical option to manage the use of JavaScript on modern websites?

Disabling JavaScript entirely (A)

How can website developers help mitigate cross-site scripting vulnerabilities on their sites?

Validating all website fields (A)

Why is clicking links in emails cautioned against in the text?

To deter cross-site scripting attacks (B)

What type of link does the attacker need the victim to click in a reflective cross-site scripting attack?

A link that triggers malicious scripts (D)

Why might an attacker embed a script at the end of a credit card number in a web application?

To execute malicious scripts when the credit card number is processed (D)

How does a stored cross-site scripting attack differ from a reflective attack?

Reflective attacks target individual users, stored attacks affect all visitors (D)

What kind of information could an attacker acquire by obtaining a victim's session ID?

User credentials or session IDs (A)

Why is it crucial to ensure that operating systems have the latest security patches?

To mitigate vulnerabilities that attackers could exploit (A)

What is a common payload that an attacker often gathers from a victim's machine during a cross-site scripting attack?

Session IDs or user credentials (A)

What typically happens when a user interacts with a stored cross-site scripting attack on a webpage?

The user's machine runs the malicious script automatically (B)

What risk is associated with non-persistent cross-site scripting attacks?

Potential spread of malicious scripts over social media. (A)

Why is cross-site scripting known as a vulnerability?

It allows attackers to inject and execute scripts on webpages. (A)

What scenario indicates successful privilege escalation for an attacker?

An attacker elevates their own permissions without detection. (C)

Flashcards are hidden until you start studying