Exam SY0-501 topic 1 question 435 discussion

Actual exam question from CompTIA's SY0-501
Question #: 435
Topic #: 1

A CSIRT has completed restoration procedures related to a breach of sensitive data and is creating documentation used to improve the organization's security posture. The team has been specifically tasked to address logical controls in their suggestions. Which of the following would be MOST beneficial to include in lessons learned documentation? (Choose two.)

  • A. A list of policies, which should be revised to provide better clarity to employees regarding acceptable use
  • B. Recommendations relating to improved log correlation and alerting tools
  • C. Data from the organization's IDS/IPS tools, which show the timeline of the breach and the activities executed by the attacker
  • D. A list of potential improvements to the organization's NAC capabilities, which would improve AAA within the environment
  • E. A summary of the activities performed during each phase of the incident response activity
  • F. A list of topics that should be added to the organization's security awareness training program based on weaknesses exploited during the attack
Suggested Answer: AF

Comments

Elb
Highly Voted 5 years, 4 months ago
A. A list of policies (Admin)
B. log correlation and alerting tools (Tech)
C. IDS/IPS tools (tech)
D. NAC capabilities (Tech)
E. A summary of the activities performed (not a control)
F. security awareness training (admin)
Examples of Technical Controls: ACLs, Routers, Encryption, Audit logs, IDS, Antivirus software, Firewalls, Smart cards, Dial-up call-back systems, Alarms and alerts
Examples of Administrative Controls: Security policy, Monitoring and supervising, Separation of duties, Job rotation, Information classification, Personnel procedures, Investigations, Testing, Security-awareness and training
https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Access_Control_Systems#Examples_of_Administrative_Controls
upvoted 21 times
...
renad_r
Highly Voted 5 years, 6 months ago
The question clearly stated that the team is specifically tasked with addressing logical (technical) controls; these answers dictate administrative controls. I'd go with B and D.
upvoted 10 times
Zen1
5 years, 4 months ago
I think you're right, "logical access controls are tools and protocols used for identification, authentication, authorization, and accountability in computer information systems. Logical access is often needed for remote access of hardware and is often contrasted with the term "physical access", which refers to interactions (such as a lock and key) with hardware in the physical environment, where equipment is stored and used." - from Wikipedia
upvoted 2 times
...
Mobeus
5 years, 3 months ago
Unless in this context, "logical" means "sensible" rather than "technical".
upvoted 4 times
...
...
troxel
Most Recent 4 years, 1 month ago
A and F are _admin_ controls. B, C and D are tech or logical controls. Don't understand how A and F are the answer.
upvoted 1 times
...
MalakAlhzan
4 years, 3 months ago
The key word here is "lessons learned documentation", AF is CORRECT
upvoted 3 times
...
Teza
4 years, 9 months ago
B and D
upvoted 3 times
...
CoRell
4 years, 9 months ago
Logical controls = technical controls. Hence, B and D.
upvoted 4 times
...
DrSledge
4 years, 11 months ago
Generally logical = technical, so B+D would be correct. The question could be worded better, but hey, that's CompTIA for ya...
upvoted 5 times
...
SimonR2
4 years, 12 months ago
Answer is B and D - they are the only logical controls
upvoted 2 times
...
frededel
5 years, 3 months ago
B and D are the only technical controls that would improve security.
upvoted 10 times
...
MelvinJohn
5 years, 4 months ago
B and C: Logical controls (also called technical controls) use software and data to monitor and control access to information and computing systems. Examples of logical controls are passwords, network firewalls, access control lists and data encryption.
upvoted 5 times
...
Community vote distribution: A (35%), C (25%), B (20%), Other