Q: 4
A company deploys antivirus, anti-malware, and firewalls that can be assumed to be functioning
properly. Which of the following is the MOST likely system vulnerability?
Options
Discussion
Yeah, gotta be A. Antivirus and firewalls don’t catch trusted users doing shady stuff.
C , I think ransomware still poses a risk even with AV/firewall since not every variant is caught right away. D seems possible too but I usually see ransomware slipping through in practice. Anyone pick D?
I get why some might pick D, but worms and ransomware are both mostly external threats and firewalls/AV cover those. Trap is thinking open ports matter most, but A is still the bigger risk with strong perimeter controls.
A tbh. Saw similar logic in practice exams and the official guide highlights that insider threat slips past traditional AV/firewall controls. Still, open ports (D) get people sometimes so worth labbing both scenarios if unsure.
Hard to say, D, since open ports can still be overlooked even with strong AV and firewalls. A seems like a trap answer here.
Call it A here. Even with AV and a firewall working, insider threat is tough since it's about trusted users doing harm. Open ports looks tempting, but controls in place reduce that risk. Anyone think differently?
Option D - open ports. Similar question showed up in some practice exams, worth double-checking the official objectives and doing a few lab scenarios to see how often open ports get missed even with good AV.
Pretty sure A (insider threat) is the one AV and firewalls can't really deal with since it's about someone already trusted. The others are mostly external or handled by those controls. Open to corrections if I missed something.
A tbh, D is tempting but insider threat is what those tools can't really stop. Trap question imo.
Its A. Even if your AV and firewalls are solid, they can't really protect against an insider using their legit access to do something bad. Only thing those controls miss, so makes sense here. If I'm missing something let me know.
Be respectful. No spam.
