Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which vulnerability is illustrated by Stella accessing unauthorized websites due to unrestricted rights?

  1. Privilege Escalation

  2. Open Permissions

  3. Weak Passwords

  4. Data Leakage

The correct answer is: Open Permissions

The scenario describes Stella accessing unauthorized websites as a result of having unrestricted rights. This situation directly indicates the presence of open permissions, where users have excessive rights that allow them to access resources or functions that they should not be able to. Open permissions can lead to various security risks, including unauthorized access to sensitive information and potential exploitation of systems. In this case, because Stella has unrestricted rights, she can navigate to websites that may not be appropriate for her role, thus exposing the organization to potential threats such as malware, phishing attacks, or leakage of sensitive data. Addressing this issue requires implementing the principle of least privilege, where users are granted the minimum level of access necessary for their job roles, ensuring that they cannot access unauthorized resources or sites. In contrast, privilege escalation pertains to a scenario where a user gains elevated access to resources beyond their intended permissions, which isn't the core issue here. Weak passwords refer to poor password security practices that can lead to unauthorized access, while data leakage typically involves the accidental or intentional exposure of sensitive information. The situation described aligns most directly with the issue of open permissions.

More Questions Like This