CompTIA CySA+ (CS0-001) — Question 162

A cybersecurity analyst is hired to review the security measures implemented within the domain controllers of a company. Upon review, the cybersecurity analyst notices a brute force attack can be launched against domain controllers that run on a Windows platform. The first remediation step implemented by the cybersecurity analyst is to make the account passwords more complex. Which of the following is the NEXT remediation step the cybersecurity analyst needs to implement?

Answer options

• A. Disable the ability to store a LAN manager hash.
• B. Deploy a vulnerability scanner tool.
• C. Install a different antivirus software.
• D. Perform more frequent port scanning.
• E. Move administrator accounts to a new security group.

Correct answer: E

Explanation

Moving administrator accounts to a new security group helps to limit access and reduce the attack surface, which is crucial after strengthening password complexity. The other options, while potentially useful in enhancing security, do not directly address the immediate need for better management of privileged accounts following the password adjustment.