Free CompTIA Security Plus SY0-701 Actual Exam Questions - Question 2 Discussion

A imo. Enabling threat prevention on the firewall directly reduces risk at the network level without outright blocking access, which fits the idea of a compensating control. B is more about detection than prevention, so it’s less proactive. C sounds risky since allowing traffic from any port is too broad and could introduce more vulnerabilities. D just blocks access, which isn’t really compensating if users still need to reach the site for business reasons. So A makes the most sense here.

Maybe B since monitoring all traffic helps detect issues without blocking access.

A imo, because enabling threat prevention on the firewall adds a security layer while still allowing access. B sounds more like monitoring than active control, so less direct as a compensating measure.

Is this asking for a control that lets users access the site but still keeps things safe? Because options A and B kinda make sense, but D seems like it blocks access entirely. Just wanna make sure I’m interpreting it right before picking.