A network administrator is implementing a token system in which a hardware device is used to store a password. The password is u
nknown to the user and transmitted to the system for authentication. If implementing to which of the following attacks is this token type vulnerable? A) Replay
B) Smurf
C) Collision
D) Privilege escalation
<u><em>Privilege escalation:</em></u> This is when an intruder gain access to a lower level user account and uses it to gain further access to resources that are normally protected from the lower level users. this mostly achieved by exploiting vulnerabilities like a bug, configurations or design flaws in a lower level user account to gain further or elevated access to the site administrator.
Below are some of the common privilege escalation techniques that intruders use in gaining access to user account, they include:
i) Using valid accounts
ii) Manipulating access tokens
iii) Bypassing user account control
An intruders goal in a privilege escalation attack is to gain high-level privileges so as to be able to access importance administrative data without being noticed.
Privilege escalation is a situation whereby an attacker exploits a privilege escalation vulnerability in a target system which then allows to override the user account.
A token system is usually vulnerable to privilege escalation attacks. The hacker usually acts as a middle man between the original user and the system. The hacker solicits for the token output from the legitimate user which he then supplies to the system for authentication to gain entrance.
The characteristic of the WAN hub and spoke topology is that
it is considered to be a branch site or composed of the branch site in which
they are likely to be connected to a site that is central and that is through
the point to point links.
