CV0-003 · Question #574
CV0-003 Question #574: Real Exam Question with Answer & Explanation
The correct answer is D: Define and configure the proper permissions for the file-sharing service. The administrator has already completed investigation and confirmed the misconfigured permissions are the root cause - the immediate next step is to remediate by setting correct, least-privilege permissions on the affected files and folders.
Question
Options
- AIdentify the changes to the file-sharing service and document
- BAcquire a third-party DLP solution to implement and manage access
- CTest the current access permissions to the file-sharing service
- DDefine and configure the proper permissions for the file-sharing service
Explanation
The administrator has already completed investigation and confirmed the misconfigured permissions are the root cause - the immediate next step is to remediate by setting correct, least-privilege permissions on the affected files and folders.
Common mistakes.
- A. Identifying and documenting changes was already performed during the root cause analysis phase; repeating this step before remediating does not protect the files from further damage.
- B. Acquiring a third-party DLP solution is a longer-term strategic control and is premature when the immediate, known fix is simply correcting the existing permission misconfiguration.
- C. Testing current access permissions was already completed using the test user account, confirming write access for everyone; retesting at this point does not advance remediation.
Concept tested. Incident response remediation for SaaS permission misconfiguration
Reference. https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final
Topics
Community Discussion
No community discussion yet for this question.