CompTIA CySA+ (CS0-001) — Question 31
A cybersecurity professional typed in a URL and discovered the admin panel for the e-commerce application is accessible over the open web with the default password. Which of the following is the MOST secure solution to remediate this vulnerability?
Answer options
- A. Rename the URL to a more obscure name, whitelist all corporate IP blocks, and require two-factor authentication.
- B. Change the default password, whitelist specific source IP addresses, and require two-factor authentication.
- C. Whitelist all corporate IP blocks, require an alphanumeric passphrase for the default password, and require two-factor authentication.
- D. Change the username and default password, whitelist specific source IP addresses, and require two-factor authentication.
Correct answer: D
Explanation
The correct answer is D because changing both the username and the default password significantly increases security by making it harder for attackers to gain access. Whitelisting specific source IP addresses and requiring two-factor authentication are also important security measures, but changing only the password while leaving the default username in place may not provide sufficient protection against more determined attackers.