During a security review of a newly assigned database server, an assessor discovers that the default login is still active and the operating system is missing recent patches. Which action provides a better defense?
Enable a guest user account to simplify access
Raise log retention for more in-depth event tracking
Remove vendor-provided credentials and apply patches
Eliminating the original credentials helps prevent easy break-ins, and regular updates address known gaps. Logs offer insight but do not correct weak authentication or unpatched software. Granting a guest account, even for convenience, undermines security. Adding an extra scanning tool might assist detection but does not resolve the core weaknesses.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are vendor-provided credentials, and why are they a security risk?
Open an interactive chat with Bash
Why is patching critical for database servers?
Open an interactive chat with Bash
How does log retention aid in security, and why doesn’t it resolve core issues?