CompTIA Security+ (SY0-701) — Question 549

A penetration test identifies that an SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the most efficient way possible. Which of the following should the organization use for this purpose?

Answer options

• A. GPO
• B. ACL
• C. SFTP
• D. DLP

Correct answer: A

Explanation

Using a Group Policy Object (GPO) is the most efficient method for disabling SMBv1 across multiple servers, as it allows for centralized management of settings in a Windows environment. The other options, such as ACL (Access Control List), SFTP (Secure File Transfer Protocol), and DLP (Data Loss Prevention), do not specifically address the vulnerability associated with SMBv1 and are not suitable for remediation in this context.