CompTIA CySA+ (CS0-001) — Question 142

Several accounting department users are reporting unusual Internet traffic in the browsing history of their workstations after returning to work and logging in. The building security team informs the IT security team that the cleaning staff was caught using the systems after the accounting department users left for the day.
Which of the following steps should the IT security team take to help prevent this from happening again? (Choose two.)

Answer options

• A. Install a web monitor application to track Internet usage after hours.
• B. Configure a policy for workstation account timeout at three minutes.
• C. Configure NAC to set time-based restrictions on the accounting group to normal business hours.
• D. Configure mandatory access controls to allow only accounting department users to access the workstations.
• E. Set up a camera to monitor the workstations for unauthorized use.

Correct answer: B, C

Explanation

The correct answers, B and C, focus on implementing timeout policies and access restrictions to limit workstation use outside of normal hours. Option A, while useful for monitoring, does not prevent unauthorized access. Option D restricts access but does not address the timing issue, and option E is reactive rather than proactive in preventing the problem.