Bobbi is investigating a security incident and discovers that an attacker began with a normal user account but managed to exploit a system vulnerability to provide that account with administrative rights. What type of attack took place under the STRIDE threat model?

RISK MANAGEMENT

Please wait while the activity loads.
If this activity does not load, try refreshing your browser. Also, this page requires javascript. Please visit using a browser with javascript enabled.

If loading fails, click here to try again

Question [CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]

A	Spoofing
B	Repudiation
C	Tampering
D	Elevation of privilege

Explanation:

Detailed explanation-1: -The main goal of an attacker that is leveraging a Denial of Service (DoS) attack method is to disrupt a website availability: The website can become slow to respond to legitimate requests. The website can be disabled entirely, making it impossible for legitimate users to access it.

Detailed explanation-2: -Defense in depth states that organizations should have overlapping security controls designed to meet the same security objectives whenever possible. This approach provides security in the event of a single control failure.

Detailed explanation-3: -Awareness establishes a minimum standard of information security understanding. It is designed to accommodate all personal of the organization staff regardless of their assigned tasks.

Detailed explanation-4: -Risk determination assesses threats and vulnerabilities to consider the likelihood that known threat sources will be able to exploit identified vulnerabilities to cause one or more adverse events and the consequences if such events occur.

There is 1 question to complete.

BUISENESS MANAGEMENT

RISK MANAGEMENT