350-201(NEW-127Q) · Question #69
The correct answer is C. privilege escalation.
Question
Options
- A. denial of service
- B. man-in-the-middle attack
- C. privilege escalation
- D. malware outbreak
Explanation
Privilege escalation fits precisely because the attack chain described - dormant accounts reactivated, successful logins spreading across systems, and system settings modified - is the classic pattern of an attacker gaining increasingly higher levels of access. Attackers often revive forgotten accounts (low scrutiny) to move laterally and then escalate permissions until they control critical systems.
Why the distractors are wrong:
- A (Denial of Service): DoS aims to make systems unavailable, not to quietly log in and change settings - there's no disruption or resource exhaustion described.
- B (Man-in-the-Middle): MITM intercepts communications between two parties; here the attacker is directly authenticating to systems, not intercepting traffic.
- D (Malware outbreak): While malware could enable escalation, a malware outbreak typically involves widespread infection indicators (AV alerts, file encryption, unusual processes) - not the account-based lateral movement described.
Memory tip: Think of privilege escalation as a "key theft chain" - the attacker steals or reuses old keys (dormant accounts), quietly unlocks more doors (multiple system logins), then rearranges the furniture (settings changes). If the scenario emphasizes account activity + spreading access + configuration changes, think escalation, not destruction or interception.