300-220 Question #135: Real Exam Question with Answer & Explanation
The correct answer is C. Not adhering to security best practices.
Question
Options
- A. Using strong encryption methods
- B. Regularly changing passwords
- C. Not adhering to security best practices
- D. Overly complex network designs
Explanation
Configuration errors that create security gaps stem from not adhering to security best practices (C): leaving default credentials in place, misconfiguring firewall rules, disabling logging, or skipping hardening checklists. When administrators skip or ignore established guidelines (CIS Benchmarks, NIST frameworks, vendor security guides), systems end up in insecure states, not because of malicious intent but through simple oversight or ignorance.
Why the distractors are wrong:
- A (strong encryption) is a security best practice itself - using it reduces gaps rather than causing them.
- B (regularly changing passwords) is also a recommended practice that improves security posture.
- D (complex network designs) can introduce operational challenges, but complexity alone isn't the root cause of configuration errors - poor practices are.
Memory tip: Think "GAP = Goes Against Practices." Configuration gaps appear when you go against (ignore) security best practices - C is the only choice that describes a failure to do something right, while A and B are things you should do, and D is a red herring about design complexity.