CompTIA PenTest+ (PT0-002) — Question 258
During a routine penetration test of a customer’s physical data center, a penetration tester observes that no changes have been made to the production firewalls in more than five years. Which of the following is the most appropriate remediation technique to reduce the risk of future security breaches?
Answer options
- A. Video surveillance
- B. Biometric controls
- C. Password encryption
- D. SSH key rotation
Correct answer: D
Explanation
SSH key rotation ensures that long-lived keys do not become a vulnerability: firewalls that have gone unchanged for more than five years are likely still administered with keys of the same age. Video surveillance and biometric controls enhance physical security but do not address the specific issue of outdated firewall configurations. Password encryption is important for protecting credentials but does not directly mitigate risks associated with firewall management.