220-902 – Q237

A security team is auditing a company’s network logs and notices that a USB drive was previously inserted into several of the servers. Many login attempts were than successfully performed using common login information. Which of the following actions should be taken to close the vulnerability? (Select two.)

A. Disable guest account
B. Remove admin permissions
C. Modify AutoRun settings
D. Change default credentials
E. Run OS security updates
F. Install a software firewall

Correct Answers: A,D