Crucial Exams

CompTIA Server+ SK0-005 Practice Question

During an incident review on a Windows Server 2022 file server, you discover that a Tier-1 support technician-who is not a local administrator-was able to overwrite the C:\Windows\System32\drivers\etc\hosts file and plant a back-door service. The account is a member only of a custom domain group named File-Backup-Ops. A Group Policy object assigns this group the user rights "Back up files and directories" and "Restore files and directories" on every server. No other privileges are delegated. Which change will BEST eliminate this improper privilege escalation while still allowing the group to perform routine backups?

  • Add an explicit NTFS deny-write permission to C:\Windows\System32 for the File-Backup-Ops group.

  • Remove the "Restore files and directories" (SeRestorePrivilege) user right from the File-Backup-Ops group.

  • Remove the "Back up files and directories" (SeBackupPrivilege) user right from the File-Backup-Ops group.

  • Add the File-Backup-Ops group to the local Backup Operators group instead of using Group Policy.

CompTIA Server+ SK0-005
Troubleshooting
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
SAVE $47
CompTIA Server+ Voucher
v5 / SK0-005
$390.00 $343.00
SAVE $53
CompTIA Server+ Voucher with Retake
v5 / SK0-005
Includes Retake
$439.00 $386.00
Bash, the Crucial Exams Chat Bot
AI Bot