CREST Practitioner Security Analyst (CPSA) 2025 – 400 Free Practice Questions to Pass the Exam

When X11 is not tunneled through SSH, a significant potential effect is unauthorized data access. X11 is a protocol used for displaying graphical user interfaces on Unix and Unix-like operating systems, allowing applications to run on one machine and display on another. Without SSH tunneling, which encrypts the data being transmitted, the X11 traffic can be intercepted by malicious actors in the network. This lack of encryption means that sensitive information, such as user sessions or interactions with applications, could be exposed to attackers, leading to potential unauthorized access to personal data, application states, or even the ability to control the graphical interface itself.

The other options, while they may represent issues in different contexts, do not directly relate to the specific risk introduced by not tunneling X11 through SSH. Increased resource consumption could occur in various scenarios but is not an inherent result of the lack of tunneling. Cross-Site Scripting pertains specifically to web applications and involves the injection of malicious scripts into web pages, which doesn't relate to X11 traffic. Server overload typically arises from excessive requests or processes but is not directly tied to the tunneling of X11 sessions. Thus, the emphasis on unauthorized data access is critical in the context of network security and the risk introduced when standard