CCSP Question #97: Real Exam Question with Answer & Explanation

Question

All of the following methods can be used to attenuate the harm caused by escalation of privilege except:

Options

• AExtensive access control and authentication tools and techniques
• BAnalysis and review of all log data by trained, skilled personnel on a frequent basis
• CPeriodic and effective use of cryptographic sanitization tools
• DThe use of automated analysis tools such as SIM, SIEM, and SEM solutions

Explanation

Cryptographic sanitization tools are used for secure data erasure, not for mitigating harm from escalation of privilege attacks.

Common mistakes.

• A. Extensive access control and authentication directly limit unauthorized privilege changes, thus attenuating harm from escalation.
• B. Frequent analysis of log data helps detect anomalous activity that could indicate or lead to privilege escalation, enabling timely response.
• D. Automated analysis tools like SIEM/SEM solutions are crucial for real-time monitoring and alerting on security events, including potential privilege escalation attempts, thereby helping to mitigate harm.

Concept tested. Privilege escalation mitigation

Reference. https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/implementing-least-privilege-administrative-models

No community discussion yet for this question.