CompTIA Security+ (SY0-501) — Question 114

After a security assessment was performed on the enterprise network, it was discovered that:
1. Configuration changes have been made by users without the consent of IT.
2. Network congestion has increased due to the use of social media.
3. Users are accessing file folders and network shares that are beyond the scope of their need to know.
Which of the following BEST describe the vulnerabilities that exist in this environment? (Choose two.)

Answer options

• A. Poorly trained users
• B. Misconfigured WAP settings
• C. Undocumented assets
• D. Improperly configured accounts
• E. Vulnerable business processes

Correct answer: A, D

Explanation

The correct answers are A and D because poorly trained users can lead to unauthorized configuration changes and improperly configured accounts can enable excessive access. Options B, C, and E do not directly address the specific issues identified in the scenario, such as user training and account configurations.