CompTIA CySA+ (CS0-003) — Question 355

A security manager reviews the permissions for the approved users of a shared folder and finds accounts that are not on the approved access list. While investigating an incident, a user discovers data discrepancies in the file. Which of the following best describes this activity?

Answer options

• A. Filesystem anomaly
• B. Illegal software
• C. Unauthorized changes
• D. Data exfiltration

Correct answer: C

Explanation

The correct answer is 'C. Unauthorized changes' because the presence of accounts not on the approved access list indicates that changes may have been made without authorization. The other options do not accurately capture the situation: 'A. Filesystem anomaly' refers to unusual patterns in file activity, 'B. Illegal software' pertains to unauthorized applications, and 'D. Data exfiltration' involves the unauthorized transfer of data out of the system.