CompTIA Security+ (SY0-701) — Question 133

Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Choose two.)

Answer options

• A. The device has been moved from a production environment to a test environment.
• B. The device is configured to use cleartext passwords.
• C. The device is moved to an isolated segment on the enterprise network.
• D. The device is moved to a different location in the enterprise.
• E. The device's encryption level cannot meet organizational standards.
• F. The device is unable to receive authorized updates.

Correct answer: E, F

Explanation

The correct answers are E and F because a device that cannot meet encryption standards (E) poses a security risk and should be decommissioned. Additionally, a device that cannot receive authorized updates (F) may be vulnerable to threats and exploits, making it unsuitable for continued use. Options A, B, C, and D do not inherently justify decommissioning the device based on security or compliance issues.