CompTIA Security Plus Mock Test Q267

Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes?

A. User rights and permissions review
B. Configuration management
C. Incident management
D. Implement security controls on Layer 3 devices


Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions. Also reviewing user rights and permissions will afford the security analyst the opportunity to put the principle of least privilege in practice as well as update the security policy

Incorrect Answers:
B: Configuration management is an operational control type that is put into action after a risk assessment has been done.
C: Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets).
D: IPSec can be implemented on Layer 3 devices, but this will not prevent unauthorized changes to the network. It is a case of the permissions and user rights that has to be
addressed.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 10, 17