ExamGecko
Search Search Login
Home Home / CompTIA / SY0-701
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?
Which of the following is used to add extra complexity before using a one-way data transformation algorithm?
An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?
A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?
Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?
A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?
A newly identified network access vulnerability has been found in the OS of legacy loT devices. Which of the following would best mitigate this vulnerability quickly?
Which of the following involves an attempt to take advantage of database misconfigurations?
An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)
Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?

Question 124 - SY0-701 discussion

Report
Export

A newly identified network access vulnerability has been found in the OS of legacy loT devices. Which of the following would best mitigate this vulnerability quickly?

A.
Insurance
Answers
A.
Insurance
B.
Patching
Most voted
Answers (2)
Most voted
B.
Patching
C.
Segmentation
Answers
C.
Segmentation
D.
Replacement
Answers
D.
Replacement
Suggested answer: C

Explanation:

Segmentation is a technique that divides a network into smaller subnetworks or segments, each with its own security policies and controls. Segmentation can help mitigate network access vulnerabilities in legacy loT devices by isolating them from other devices and systems, reducing their attack surface and limiting the potential impact of a breach. Segmentation can also improve network performance and efficiency by reducing congestion and traffic. Patching, insurance, and replacement are other possible strategies to deal with network access vulnerabilities, but they may not be feasible or effective in the short term. Patching may not be available or compatible for legacy loT devices, insurance may not cover the costs or damages of a cyberattack, and replacement may be expensive and time-consuming.

Reference: CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 142-143

Show Answer
asked 02/10/2024
Synathia Imafidon
41 questions
PreviousPreviousNextNext
User
Your answer:
4 comments
Sorted by
Up
0
Down
User
Youssef Aaddi

Edited 15 days ago

Voted C

C. Segmentation Since these are legacy IoT devices, patching may not be immediately available or possible, and replacing them might take time. Segmentation is a quick and effective approach to isolate these vulnerable devices from the rest of the network, limiting the potential impact of the vulnerability. This containment strategy minimizes exposure while a more permanent solution, such as patching or replacement, is pursued.

Reply
Reply
Report
Up
1
Down
User
Gordon Summerlin

Edited 17 days ago

Voted C

I believe that the answer is C. If it is *legacy* IoT, that means that support, for said devices, could no longer be available. Hence patches for these devices may not exist or the latest patch available is extremely out of date.

Reply
Reply
Report
Up
0
Down
User
Danehun

Edited one month ago

Voted B

I think answer B correct

Reply
Reply
Report
Up
2
Down
User
sewaknijjar

Edited one month ago

Voted B

Applying patches or updates is the most effective and immediate way to address known vulnerabilities. This can close security gaps and protect the devices from potential exploitation without needing to replace the hardware or significantly change the network architecture.

Reply
Reply
Report
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms