nerdexam
ExamsCV0-003Questions#783
CompTIA

CV0-003 · Question #783

CV0-003 Question #783: Real Exam Question with Answer & Explanation

The correct answer is D: Define and configure the proper permissions for the file-sharing service.. The root cause has already been identified and confirmed through testing; the appropriate next step in incident response is remediation by correcting the misconfigured permissions.

Operations

Question

A cloud administrator recently noticed that a number of files stored at a SaaS provider's file- sharing service were deleted. As part of the root cause analysis, the administrator noticed the parent folder permissions were modified last week. The administrator then used a test user account and determined the permissions on the files allowed everyone to have write access. Which of the following is the best step for the administrator to take NEXT?

Options

  • AIdentify the changes to the file-sharing service and document.
  • BAcquire a third-party DLP solution to implement and manage access.
  • CTest the current access permissions to the file-sharing service.
  • DDefine and configure the proper permissions for the file-sharing service.

Explanation

The root cause has already been identified and confirmed through testing; the appropriate next step in incident response is remediation by correcting the misconfigured permissions.

Common mistakes.

  • A. Identifying and documenting the changes is a root cause analysis step that has already been completed in the scenario, so performing it again would be redundant rather than productive.
  • B. Acquiring a third-party DLP solution is a long-term strategic control measure and is not the immediate next step when a specific, identified misconfiguration can be directly remediated right now.
  • C. Testing the current access permissions has already been performed using the test user account, confirming the issue; repeating this step does not advance the incident toward resolution.

Concept tested. Incident response remediation after permission misconfiguration

Topics

#SaaS#file permissions#access control#incident response

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CV0-003 Practice