CompTIA Security+ (SY0-501) — Question 1013

A company stores highly sensitive data files used by the accounting system on a server file share.
The accounting system uses a service account named accounting-svc to access the file share.
The data is protected will a full disk encryption, and the permissions are set as follows:
File system permissions: Users = Read Only
Share permission: accounting-svc = Read Only
Given the listed protections are in place and unchanged, to which of the following risks is the data still subject?

Answer options

• A. Exploitation of local console access and removal of data
• B. Theft of physical hard drives and a breach of confidentiality
• C. Remote exfiltration of data using domain credentials
• D. Disclosure of sensitive data to third parties due to excessive share permissions

Correct answer: A

Explanation

The data is vulnerable to exploitation through local console access, allowing an attacker with physical access to remove or tamper with the data, hence making option A correct. Options B, C, and D are not applicable as the protections in place, like full disk encryption and strict permissions, mitigate those specific risks.