Exam 312-50v12 topic 1 question 140 discussion

I believe it's not C, as unknown users have already been granted administrative permissions. Also, there is nowhere mentioned that unnecessarily accounts have been created. Also, not B or D, as these type of attacks do not require gaining admin permissions on a system. The problem with unkown users getting admin perms is that they can change the code the server is running, eg by injecting a malicious DLL. So, it's A.

I believe the answer is A Yes, it is possible for an attacker to inject a malicious DLL through a server debugging tool, especially if debugging functions are enabled and not properly secured. Here’s how: Exploiting Debugging Functions: Debugging tools often have elevated privileges and direct access to the system memory and processes. If an attacker gains access to these debugging functions, they can manipulate the system in various ways, including injecting malicious code. DLL injection is a technique used to run malicious code within the address space of another process by loading a dynamic link library (DLL). If debugging functions are enabled, an attacker with access can use these tools to load their malicious DLL into a RUNNING PROCESS.

I think Is A, why bother in priv esc if the user has already administrative account?!?

Why bother with A when you can aleady have system access by using C. Also AI says C, the book says A & C, and C makes more sense...so C

Is C. Key words "unknown users were granted administrative permissions"

Could someone please validate this information

Could someone help me confirm the accuracy of this data

C. Unauthorized users may perform privilege escalation using unnecessarily created accounts