Which statement BEST describes the security implication of leaving this NOPASSWD rule in place?
Any process running under a qa member's UID can execute the script as root without entering a password, so a compromised session can escalate privileges instantly.
The rule suppresses sudo's syslog and audit records for successful runs, making the action effectively invisible to logging systems.
Because the command path is fully qualified, sudo will still demand the root password; NOPASSWD only overrides authentication for commands matched by wildcards.
QA group members will be asked for their password the first time in each session; the tag only removes repeated prompts once sudo's credential cache is active.
The NOPASSWD tag tells sudo to skip the normal password authentication step for the listed command(s). Because of that, any interactive session or process running as a member of the qa group can invoke the Python maintenance script as root without further challenge. If an attacker hijacks a qa user's shell or injects code into one of their processes, the attacker immediately gains root privileges for that command. The tag does not change group membership checks, does not depend on wildcard paths, and does not disable sudo's event logging, so the other statements are incorrect.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the NOPASSWD tag in the sudoers file mean?
Open an interactive chat with Bash
How can a compromised session escalate privileges using this rule?
Open an interactive chat with Bash
Does this rule affect sudo logging and group membership checks?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .