CompTIA CySA+ (CS0-003) — Question 43

A security analyst needs to mitigate a known, exploited vulnerability related to an attack vector that embeds software through the USB interface. Which of the following should the analyst do first?

Answer options

• A. Conduct security awareness training on the risks of using unknown and unencrypted USBs.
• B. Write a removable media policy that explains that USBs cannot be connected to a company asset.
• C. Check configurations to determine whether USB ports are enabled on company assets.
• D. Review logs to see whether this exploitable vulnerability has already impacted the company.

Correct answer: C

Explanation

The correct answer is C, as checking configurations to see if USB ports are enabled allows the analyst to immediately assess the potential risk. Options A and B are preventive measures that can be taken later, while D involves a reactive approach that does not address the current vulnerability.