CompTIA Security+ SY0-701 Practice Question
A security auditor finds that certain accounts, intended to have standard user permissions, are executing commands that typically require admin rights. Further investigation reveals these accounts have been added to a group with elevated privileges. Which situation does this observation most accurately reflect?
Service disruption caused by frequent account lockouts
Privilege escalation due to unauthorized changes in group memberships
Data exposure from compromised encryption protocols
Unauthorized access from unchanged default account passwords