Complete SY0-701 CompTIA Materials

Detailed Explanation:Insecure key storage refers to vulnerabilities caused by improper handling of cryptographic keys and certificates, such as storing them in plaintext or lacking access controls. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 2: Threats, Section: " Cryptographic Vulnerabilities and Mitigation " ​​.

The correct answer is Train supervisors to identify and manage disgruntled employees because insider threat risk is strongly tied to human behavior, morale, and organizational change. In the Security+ SY0-701 framework, insider threats are not limited to technical weaknesses but are often driven by emotional, financial, or workplace stressors—such as layoffs, demotions, or job uncertainty. During workforce reductions, employees may experience resentment or fear, increasing the likelihood of malicious or negligent actions.

Security awareness programs are designed to address human-centric risks through education, observation, and early intervention. Training supervisors equips them to recognize warning signs of insider threat behavior, including sudden disengagement, policy violations, excessive access requests, or hostile workplace conduct. The SY0-701 study guide emphasizes that managers and supervisors are in the best position to observe behavioral changes and escalate concerns before they turn into security incidents.

Option A is incorrect because disabling accounts before termination can disrupt operations, violate HR procedures, and raise legal or ethical concerns. Option C, configuring DLP to monitor staff targeted for termination, may be inappropriate, legally risky, and reactive rather than preventive. Option D focuses on external threats like phishing and manipulation, not internal risks tied to layoffs.

By training supervisors, the organization strengthens administrative and operational controls that align with security governance and personnel risk management objectives in SY0-701. This proactive approach supports collaboration between HR, management, and security teams, ensuring insider threats are identified early and handled appropriately.

In summary, insider threat mitigation during layoffs is most effective when focused on people and processes. Training supervisors helps detect risk indicators early, supports employee well-being, and reduces the likelihood of intentional or accidental security incidents during periods of organizational stress.

Impersonation occurs when an attacker or unauthorized user is granted access (authorized) by masquerading as a legitimate user, effectively bypassing or exploiting the authentication process. This means authorization is mistakenly granted before proper authentication.

Privilege escalation (A) involves gaining higher access after authentication. Race conditions (B) are timing vulnerabilities. Tailgating (C) refers to physical unauthorized access by following an authorized person.

Impersonation is a well-known identity attack vector detailed in the Threats and Vulnerabilities domain of SY0-701【6:Chapter 4†CompTIA Security+ Study Guide】.