nerdexam
(ISC)2

CISSP · Question #730

Which of the following is a potential risk when a program runs in privileged mode?

The correct answer is D. It may allow malicious code to be inserted. When a program runs in privileged mode, it operates with elevated system access, which creates significant security risks if that program is compromised or exploited.

Submitted by ngozi_ng· Mar 5, 2026Software Development Security

Question

Which of the following is a potential risk when a program runs in privileged mode?

Options

  • AIt may serve to create unnecessary code complexity
  • BIt may not enforce job separation duties
  • CIt may create unnecessary application hardening
  • DIt may allow malicious code to be inserted

How the community answered

(25 responses)
  • A
    8% (2)
  • B
    4% (1)
  • D
    88% (22)

Why each option

When a program runs in privileged mode, it operates with elevated system access, which creates significant security risks if that program is compromised or exploited.

AIt may serve to create unnecessary code complexity

Code complexity is a software design concern unrelated to the security risks introduced by running processes in privileged mode.

BIt may not enforce job separation duties

Job separation (separation of duties) is an administrative and access control policy concern, not a direct technical risk of privileged mode execution.

CIt may create unnecessary application hardening

Application hardening reduces attack surface and is a security benefit, not a risk; privileged mode does not cause unnecessary hardening.

DIt may allow malicious code to be insertedCorrect

Privileged mode grants a program elevated access to system resources, memory, and kernel-level operations. If malicious code is injected into or executed by a privileged process, it inherits those elevated permissions, allowing attackers to perform actions such as modifying critical system files, escalating privileges, or installing rootkits that would otherwise be blocked in user mode.

Concept tested: Risks of privileged mode program execution

Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment

Topics

#privileged access#least privilege#security risk

Community Discussion

No community discussion yet for this question.

Full CISSP Practice