nerdexam
EC-Council

312-50V11 · Question #308

What is the best defense against privilege escalation vulnerability?

The correct answer is C. Run services with least privileged accounts and implement multi-factor authentication and. Running services under least-privilege accounts limits the blast radius of a successful privilege escalation and MFA reduces the chance of credential-based escalation.

System Hacking

Question

What is the best defense against privilege escalation vulnerability?

Options

  • APatch systems regularly and upgrade interactive login privileges at the system administrator level.
  • BRun administrator and applications on least privileges and use a content registry for tracking.
  • CRun services with least privileged accounts and implement multi-factor authentication and
  • DReview user roles and administrator privileges for maximum utilization of automation services.

How the community answered

(44 responses)
  • A
    5% (2)
  • B
    14% (6)
  • C
    75% (33)
  • D
    7% (3)

Why each option

Running services under least-privilege accounts limits the blast radius of a successful privilege escalation and MFA reduces the chance of credential-based escalation.

APatch systems regularly and upgrade interactive login privileges at the system administrator level.

Patching is a valid mitigation, but 'upgrading interactive login privileges at the system administrator level' contradicts the principle of least privilege and would worsen exposure to escalation.

BRun administrator and applications on least privileges and use a content registry for tracking.

Running applications with least privileges is correct, but 'content registry for tracking' is not a recognized or standard defense against privilege escalation vulnerabilities.

CRun services with least privileged accounts and implement multi-factor authentication andCorrect

Applying the principle of least privilege to service accounts ensures that even if an attacker exploits a service, the account has minimal permissions, making further escalation significantly harder. Combining this with multi-factor authentication prevents attackers from leveraging stolen credentials to escalate privileges through account takeover, addressing both the access and authentication vectors of privilege escalation.

DReview user roles and administrator privileges for maximum utilization of automation services.

Reviewing roles for 'maximum utilization of automation services' prioritizes operational efficiency over security and does not directly address reducing privilege escalation risk.

Concept tested: Privilege escalation mitigation using least privilege and MFA

Source: https://learn.microsoft.com/en-us/security/compass/privileged-access-overview

Topics

#privilege escalation#least privilege#multi-factor authentication#defense

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice