Question

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions

Answer 1

Answer:

privilege escalation.

Explanation:

An access control can be defined as a security technique use for determining whether an individual has the minimum requirements or credentials to access or view resources on a computer by ensuring that they are who they claim to be.

Simply stated, access control is the process of verifying the identity of an individual or electronic device. Authentication work based on the principle (framework) of matching an incoming request from a user or electronic device to a set of uniquely defined credentials.

Basically, authentication and authorization is used in access control, to ensure a user is truly who he or she claims to be, as well as confirm that an electronic device is valid through the process of verification

Hence, an access control list (ACL) primarily is composed of a set of permissions and operations associated with a user account or new technology file system (NTFS) file such as full control, read only, write, read and execute and modify.

In this scenario, an attacker or hacker was able to obtain the logon credentials for a regular user on your network. Thus, the type of security threat which exists if this user account is used by the attacker or hacker to perform administrative functions is privilege escalation.

Privilege escalation can be defined as a network or security threat which involves the exploitation of a design flaw, bug or unsecured configuration settings in a software program (application), operating system (OS), computer system, etc., so as to have an unauthorized access and gain more permissions, elevated rights or privileges that are normally protected from a user account or software program.

Hence, when an attacker or malicious user such as a hacker gains an unauthorized access to the privileges of another user account beyond what is intended or entitled to a user, it is known as privilege escalation.