A financial services company recently suffered a ransomware attack that impacted a critical server, which cannot be updated with the latest security patches because of legacy software dependencies. The incident response team is considering options for mitigating the risk of this server being compromised again. Given the inability to patch the server, which of the following would be the BEST compensating control?
Produce and store encrypted backups of the server on a bi-weekly basis.
Enforce frequent password rotation for all users with access to the critical server.
Schedule regular patching for the critical server.
Implement network segmentation to isolate the critical server from the broader network.
Incident Response and Management
Reporting and Communication