Which of the following should the security team do to prevent this from Happening in the future?

SY0-601

Last Post by Colton 2 years ago

1 Posts

1 Users

0 Likes

201 Views

RSS

Colton

(@finnecolton)

Noble Member

Joined: 2 years ago

Posts: 729

Topic starter 11/05/2022 10:02 am

An organization blocks user access to command-line interpreters but hackers still managed to invoke the interpreters using native administrative tools.

Which of the following should the security team do to prevent this from Happening in the future?

A . Implement HIPS to block Inbound and outbound SMB ports 139 and 445.
B . Trigger a SIEM alert whenever the native OS tools are executed by the user
C . Disable the built-in OS utilities as long as they are not needed for functionality.
D . Configure the AV to quarantine the native OS tools whenever they are executed

Show Answer Hide Answer

Suggested Answer: C

Quote

Topic Tags

CompTIA Security+

Latest CompTIA SY0-601 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic