An organization suspects that various outside providers have data links into its environment that may not be documented. Security leadership wants to find these links while keeping typical daily operations going. Which approach meets this goal in a systematic way?
Wait for the annual compliance review to capture details on these connections
Deactivate outside connections until each provider requests a revised approval process
Cross-reference existing agreements for authorized access and follow up with an active scan to detect any unlisted network routes
Invite external entities to contact the security team if they have established any link to internal systems
The most effective and systematic approach is to compare existing authorized access agreements with active network scans. This helps identify undocumented or unauthorized data links without disrupting operations. Disabling connections abruptly can hinder business continuity, and relying on external entities to self-report introduces inaccuracy. Delaying action until the next audit leaves the organization exposed to ongoing risk.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is cross-referencing agreements important in identifying unauthorized network routes?
Open an interactive chat with Bash
What does an active network scan involve, and how does it detect unlisted routes?
Open an interactive chat with Bash
Why is disabling connections or relying on external entities not a suitable solution?