A security analyst needs to mitigate a known, exploited vulnerability related to an attack vector that embeds software through the USB interface. Which of the following should the analyst do first?

A. Conduct security awareness training on the risks of using unknown and unencrypted USBs.

B. Write a removable media policy that explains that USBs cannot be connected to a company asset.

C. Check configurations to determine whether USB ports are enabled on company assets.

D. Review logs to see whether this exploitable vulnerability has already impacted the company.








 

Suggested Answer: C

Community Answer: C



This question is in CS0-003 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.