Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 100

An organization installed a new application server for IP phones. An automated process fetched user credentials from the Active Directory server, and the application will have access to on-premises and cloud services. Which security threat should be mitigated first?

Answer options

• A. aligning access control policies
• B. exfiltration during data transfer
• C. attack using default accounts
• D. data exposure from backups

Correct answer: B

Explanation

The primary concern is exfiltration during data transfer, as automated processes handling credentials could expose sensitive information if not properly secured. Aligning access control policies, addressing default account vulnerabilities, and managing data exposure from backups are important but secondary to the immediate risk of data being intercepted during transmission.