New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

GAQM CPEH-001 Exam - Topic 6 Question 41 Discussion

Actual exam question for GAQM's CPEH-001 exam

Question #: 41
Topic #: 6

[All CPEH-001 Questions]

Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management?

ARebecca should make a recommendation to disable the () system call

BRebecca should make a recommendation to upgrade the Linux kernel promptly

CRebecca should make a recommendation to set all child-process to sleep within the execve()

DRebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege

Show Suggested Answer

Suggested Answer: B

by Thurman at May 08, 2022, 11:40 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Karma

4 months ago

C is just a band-aid solution, not a fix.

upvoted 0 times

...

Lenna

4 months ago

B seems right, but what about potential downtime?

upvoted 0 times

...

Yuriko

4 months ago

Wait, there's no workaround? That's concerning!

upvoted 0 times

...

Franchesca

4 months ago

I disagree, disabling execve() isn't practical.

upvoted 0 times

...

Darrin

5 months ago

Definitely B, upgrading the kernel is the best move.

upvoted 0 times

...

Jeffrey

5 months ago

Hiring more system admins seems excessive. I feel like there should be a more technical solution, but I can't recall the specifics.

upvoted 0 times

...

Gene

5 months ago

I think we had a practice question about mitigating vulnerabilities, and upgrading the kernel was a common recommendation. So, B sounds familiar.

upvoted 0 times

...

Ernest

5 months ago

I'm not entirely sure, but disabling the execve() system call seems risky. Wouldn't that break a lot of applications?

upvoted 0 times

...

Annelle

5 months ago

I remember discussing the importance of kernel updates in class, so I think option B about upgrading the Linux kernel might be the right choice.

upvoted 0 times

...

Moon

5 months ago

Wait, I'm a bit confused. Is this about digital evidence and the challenges of forensics investigation? I'm not sure if that's the right answer.

upvoted 0 times

...

Cheryl

5 months ago

Hmm, this looks like a permissions issue. I'll need to think carefully about the different authentication methods that could be causing the problem.

upvoted 0 times

...

Harley

5 months ago

This question seems straightforward, I think encryption would help mitigate a malicious intermediary trying to intercept the data.

upvoted 0 times

...