CompTIA A+ Core 2 (220-1002) — Question 14

A security team is auditing a company's network logs and notices that a USB drive was previously inserted into several of the servers. Many login attempts were then successfully performed using common login information.
Which of the following actions should be taken to close the vulnerability? (Choose two.)

Answer options

• A. Disable guest account
• B. Remove admin permissions
• C. Modify AutoRun settings
• D. Change default credentials
• E. Run OS security updates
• F. Install a software firewall

Correct answer: C, D

Explanation

Modifying AutoRun settings (C) is essential to prevent unauthorized software from executing automatically when a USB drive is inserted. Changing default credentials (D) closes the security gap created by using common login information. The other options do not directly address the vulnerabilities associated with USB drives and weak credentials.