ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 140 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 140
Topic #: 1
[All 312-50v13 Questions]

XYZ company recently discovered a potential vulnerability on their network, originating from misconfigurations. It was found that some of their host servers had enabled debugging functions and unknown users were granted administrative permissions. As a Certified Ethical Hacker, what would be the most potent risk associated with this misconfiguration?

  • A. An attacker may be able to inject a malicious DLL into the current running process
  • B. Weak encryption might be allowing man-in-the-middle attacks, leading to data tampering
  • C. Unauthorized users may perform privilege escalation using unnecessarily created accounts
  • D. An attacker may carry out a Denial-of-Service assault draining the resources of the server in the process
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Gibsomd at March 15, 2025, 9:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
killwitch
1 month, 4 weeks ago
Selected Answer: C
The primary risk associated with misconfigurations—such as enabling debugging functions and granting administrative permissions to unknown users—is that unauthorized users could escalate their privileges.
upvoted 1 times
...
NikoTomas
2 months ago
Selected Answer: A
For me, correct is A: Question states: “host servers had enabled debugging functions and unknown users were granted administrative permissions” – this already happened and they are asking what can be next. --> Debugging & Admin privileges together implies that you can perform DLL injection into any process. Debugging function is a standard way how to do it but you need also administrative rights. Incorrect: B) – weak encryption has nothing to do with this... C) – privilege escalation using unnecessarily created accounts – question states that the users were granted admin permissions already so they don’t have to escalate anything. D) – DoS attack by exhausting resources... you can do it even without admin privileges and debugging if you have any access.
upvoted 1 times
...
Gibsomd
2 months ago
Selected Answer: C
Misconfigurations, such as debugging functions enabled and unknown users having administrative privileges, present a high risk of privilege escalation. Attackers with unauthorized admin-level access can exploit these misconfigurations to elevate their privileges and gain full control over affected systems.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago