What refers to legitimate users accessing networked services that would normally be restricted to them?

A.
Spoofing

B.
Piggybacking

C.
Eavesdropping

D.
Logon abuse

Explanation:
Logon abuse refers to legitimate users accessing networked services that would normally be restricted to them.
Unlike network intrusion, this type of abuse focuses primarily on those users who may be internal to the
network, legitimate users of a different system, or users who have a lower security classification.
Incorrect Answers:
A: Spoofing refers to an attacker deliberately inducing a user (subject) or device (object) into taking an incorrect
action by giving it incorrect information. This is not what is described in the question.
B: Piggy-backing refers to an attacker gaining unauthorized access to a system by using a legitimate user’s
connection. A user leaves a session open or incorrectly logs off, enabling an attacker to resume the session.
This is not what is described in the question.
C: Eavesdropping is the unauthorized interception of network traffic. This is not what is described in the
question.

Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley
Publishing, Indianapolis, 2007, p. 173