ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam
Go to Exam

Exam SY0-701 topic 1 question 483 discussion

Actual exam question from CompTIA's SY0-701
Question #: 483
Topic #: 1
[All SY0-701 Questions]

A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?

  • A. Audit each domain administrator account weekly for password compliance.
  • B. Implement a privileged access management solution.
  • C. Create IDS policies to monitor domain controller access.
  • D. Use Group Policy to enforce password expiration.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by IT_guru_in_training at Dec. 20, 2024, 4:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Anyio
2 months ago
Selected Answer: B
B. Implement a privileged access management solution. Explanation: A privileged access management (PAM) solution minimizes the risk of pass-the-hash attacks by enforcing stricter controls on privileged accounts, such as domain administrators. PAM solutions include features like just-in-time access, session monitoring, credential vaulting, and isolating privileged credentials, ensuring that attackers cannot easily exploit administrative credentials. Why not the other options? A. Audit each domain administrator account weekly for password compliance: While auditing is good practice, it does not directly prevent pass-the-hash attacks because the attack uses hashed credentials, not passwords themselves. C. Create IDS policies to monitor domain controller access: Monitoring is helpful for detection, but it does not prevent the attack. Pass-the-hash attacks exploit credential reuse, which monitoring alone cannot stop.
upvoted 2 times
...
iliecomptia
3 months, 1 week ago
Selected Answer: B
Privileged access management (PAM) refers to policies, procedures, and technical controls to prevent compromise of privileged accounts. These controls identify and document privileged accounts, giving visibility into their use, and managing the credentials used to access them.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago