A financial institution has detected a critical vulnerability in their legacy core banking system, but an immediate patch is not possible due to potential disruptions to their services and operations. What action should the cybersecurity team take to address the vulnerability in the interim period?
Enhance security awareness and training among employees
Increase logging and monitoring on the vulnerable system
Disable the legacy system until a patch can be applied
Implement network segmentation to isolate the system
The correct answer is 'Implement network segmentation to isolate the system.' Network segmentation is an effective compensating control that limits the movement of threats within the network and isolates critical systems, thus reducing the attack surface. This action minimizes the risk while a permanent solution is being developed. Other options, like increasing security awareness or monitoring, are valuable for overall security strategy but do not provide the immediate protection needed in this scenario. Disabling the system might not be practical due to the institution's need to maintain continuous operations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is network segmentation and how does it work?
Open an interactive chat with Bash
What are compensating controls in cybersecurity?
Open an interactive chat with Bash
Why is enhancing security awareness and training not sufficient in this scenario?