Free CompTIA Security Plus SY0-701 Actual Exam Questions - Question 5 Discussion
Question No. 5
HOTSPOT
You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and
then deny each remaining hosts clean or infected.
You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and
then deny each remaining hosts clean or infected.
US
SC
Shoaib C.
2026-02-12
Host 3 clearly shows unusual outbound connections and malware alerts in the logs, so it’s the source of the infection. Hosts 1 and 2 mostly show inbound traffic from Host 3 but no signs of spreading the infection themselves, so I’d mark them as clean and deny any incoming traffic from Host 3 to limit spread. The firewall rules should block Host 3 completely, while allowing normal operations for Hosts 1 and 2. This way, we isolate the infected machine without disrupting the whole network unnecessarily.
0
MA
Mason A.
2026-01-15
Host 3 looks infected; I’d block that and keep others clean.
0