Privilege escalation is a critical concept in ethical hacking and penetration testing that refers to a situation where a user or processgains higher-level permissions than originally authorized. This makes option A the correct answer.
Privilege escalation commonly occurs after an attacker or ethical hacker gains initial access to a system with limited privileges. The next objective is often to escalate those privileges to gain administrative or root-level access. This can be achieved through misconfigurations, vulnerable software, weak file permissions, kernel exploits, or improper access control mechanisms.
Option B is incorrect because formally requesting permissions from an administrator is a legitimate administrative process, not privilege escalation. Option C is incorrect because privilege escalation does not involve requesting permissions; it involves exploiting weaknesses to obtain them without authorization.
In penetration testing, privilege escalation is typically tested during thepost-exploitation phase. Ethical hackers use it to demonstrate the potential impact of a breach, such as full system compromise, access to sensitive data, or lateral movement within a network.
Understanding privilege escalation is essential for improving defensive security. By identifying and mitigating escalation paths, organizations can enforce the principle of least privilege, strengthen access controls, and reduce the impact of successful attacks. Ethical testing of privilege escalation ultimately helps organizations harden systems against real-world threats.
