Which of the following should the security team do to prevent this from Happening in the future?

SY0-601 V1

Last Post by Octavio 1 year ago

1 Posts

1 Users

0 Likes

181 Views

RSS

Octavio

(@katterjohnoctavio)

Noble Member

Joined: 2 years ago

Posts: 721

Topic starter 05/11/2022 12:59 am

An organization blocks user access to command-line interpreters but hackers still managed to invoke the interpreters using native administrative tools.

Which of the following should the security team do to prevent this from Happening in the future?

A . Implement HIPS to block Inbound and outbound SMB ports 139 and 445.
B . Trigger a SIEM alert whenever the native OS tools are executed by the user
C . Disable the built-in OS utilities as long as they are not needed for functionality.
D . Configure the AV to quarantine the native OS tools whenever they are executed

Show Answer Hide Answer

Suggested Answer: C

Quote

Topic Tags

CompTIA Security+

Latest SY0-601 V1 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic