CompTIA CySA+ (CS0-001) — Question 194
A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application.
The security administrator notices that the new application uses a port typically monopolized by a virus.
The security administrator denies the request and suggests a new port or service be used to complete the application's task.
Which of the following is the security administrator practicing in this example?
Answer options
- A. Explicit deny
- B. Port security
- C. Access control lists
- D. Implicit deny
Correct answer: C
Explanation
The security administrator is implementing access control lists (ACLs) by assessing the risks associated with the requested port and suggesting alternatives to mitigate potential security threats. Explicit deny and implicit deny do not accurately capture this proactive approach of evaluating and modifying access based on specific criteria. Port security is about securing specific ports rather than managing access through lists.