CompTIA SecurityX (CAS-005) — Question 183

An organization receives OSINT reports about an increase in ransomware targeting fileshares at peer companies. The organization wants to deploy hardening policies to its servers and workstations in order to contain potential ransomware. Which of the following should an engineer do to best achieve this goal?

Answer options

• A. Allow only interactive log-in for users on workstations and restrict port 445 traffic to fileshares.
• B. Enable biometric authentication mechanisms on user workstations and block port 53 traffic.
• C. Instruct users to use a password manager when generating new credentials and secure port 443 traffic.
• D. Give users permission to rotate administrator passwords and deny port 80 traffic.

Correct answer: A

Explanation

The correct answer is A because allowing only interactive log-ins and restricting port 445, which is used for SMB file sharing, directly addresses the threat of ransomware targeting fileshares. The other options do not effectively mitigate the ransomware risk; for example, enabling biometric authentication (B) or advising on password managers (C) does not specifically target the vulnerabilities presented by fileshare access.