CompTIA
PT0-001 Question #54: Real Exam Question with Answer & Explanation
Question
A security assessor completed a comprehensive penetration test of a company and its networks and systems. During the assessment, the tester identified a vulnerability in the crypto library used for TLS on the company's intranet-wide payroll web application. However, the vulnerability has not yet been patched by the vendor, although a patch is expected within days. Which of the following strategies would BEST mitigate the risk of impact?
Options
- A. Modify the web server crypto configuration to use a stronger cipher-suite for encryption, hashing,
- B. Implement new training to be aware of the risks in accessing the application. This training can be
- C. Implement an ACL to restrict access to the application exclusively to the finance department.
- D. Require payroll users to change the passwords used to authenticate to the application. Following