CompTIA
CV0-003 · Question #96
CV0-003 Question #96: Real Exam Question with Answer & Explanation
The correct answer is B: Disable unnecessary accounts. Server hardening after an audit revealing exploitation via guest and administrator accounts requires eliminating unnecessary accounts and enforcing access control by role.
Security
Question
A company has just completed a security audit and received initial results from the auditor. The results show that the ethical hacker was able to gain access to the company servers by exploiting non-hardened VMs and hosts as guests and administrators. Which of the following should be implemented to harden the environment? (Select two.)
Options
- A. Discretionary access controls
- B. Disable unnecessary accounts
- C. Change default passwords
- D. Install antivirus software
- E. Role-based access controls
Explanation
Server hardening after an audit revealing exploitation via guest and administrator accounts requires eliminating unnecessary accounts and enforcing access control by role.
Common mistakes.
- A. Discretionary access controls (DAC) place access decisions with individual resource owners rather than enforcing a centralized policy, making them insufficient for enterprise-wide hardening against privilege abuse across hypervisor environments.
- C. Changing default passwords is a valid hardening step but does not address the root cause of the exploit, which was the existence of unnecessary accounts and the absence of role-based privilege separation.
- D. Antivirus software detects and removes malware but does not prevent unauthorized access achieved through misconfigured or non-hardened hypervisor guest accounts and administrator privileges.
Concept tested. VM and host hardening via account management and RBAC
Topics
#system hardening #RBAC #access control #security audit remediation