CompTIA Security+ (SY0-501) — Question 855

A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access.
Which of the following would assist the administrator in con-firming the suspicions? (Choose two.)

Answer options

• A. Networking access control
• B. DLP alerts
• C. Log analysis
• D. File integrity monitoring
• E. Host firewall rules

Correct answer: B, C

Explanation

DLP alerts (B) can indicate if sensitive data has been accessed or transferred inappropriately, while log analysis (C) can provide insights into access patterns and any unauthorized access attempts. The other options, while important for security, do not directly confirm unauthorized access or data exfiltration.