CISSP · Question #730
Which of the following is a potential risk when a program runs in privileged mode?
The correct answer is D. It may allow malicious code to be inserted. When a program runs in privileged mode, it operates with elevated system access, which creates significant security risks if that program is compromised or exploited.
Question
Which of the following is a potential risk when a program runs in privileged mode?
Options
- AIt may serve to create unnecessary code complexity
- BIt may not enforce job separation duties
- CIt may create unnecessary application hardening
- DIt may allow malicious code to be inserted
How the community answered
(25 responses)- A8% (2)
- B4% (1)
- D88% (22)
Why each option
When a program runs in privileged mode, it operates with elevated system access, which creates significant security risks if that program is compromised or exploited.
Code complexity is a software design concern unrelated to the security risks introduced by running processes in privileged mode.
Job separation (separation of duties) is an administrative and access control policy concern, not a direct technical risk of privileged mode execution.
Application hardening reduces attack surface and is a security benefit, not a risk; privileged mode does not cause unnecessary hardening.
Privileged mode grants a program elevated access to system resources, memory, and kernel-level operations. If malicious code is injected into or executed by a privileged process, it inherits those elevated permissions, allowing attackers to perform actions such as modifying critical system files, escalating privileges, or installing rootkits that would otherwise be blocked in user mode.
Concept tested: Risks of privileged mode program execution
Source: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment
Topics
Community Discussion
No community discussion yet for this question.