During an after-hours breach, an attacker exploited a misconfigured firewall cluster that normally protects the finance subnet. The security team has contained the intrusion and removed the malicious binaries, but a replacement firewall module will not arrive for another 48 hours. Sensitive payment servers must remain online to support end-of-month processing. Which of the following is the BEST immediate compensating control the responders should deploy to reduce the likelihood of a second compromise while the primary control is offline?
Extend VPN access to all employees to ensure business continuity.
Implement network segmentation to limit lateral movement and isolate sensitive systems.
Conduct a root cause analysis to determine how the breach occurred.
Update the incident response plan to include the breach details.
Implementing network segmentation is the most effective short-term measure because it isolates the at-risk finance systems and restricts east-west traffic, sharply reducing an attacker's ability to move laterally while the new firewall is procured and installed. Updating the incident response plan and conducting a root-cause analysis are important, but they belong to the post-incident lessons-learned phase and do not directly shrink the current attack surface. Expanding VPN access aims at business continuity but actually widens the remote-access exposure, increasing risk rather than mitigating it.