While monitoring network traffic, you notice an unfamiliar MAC address communicating with several internal systems. Upon investigation, you determine the device is not authorized and is not following standard security protocols. What should your next step be?
The correct step in this scenario is to isolate the unverified device from the network to prevent potential security risks. Disconnecting or quarantining the device ensures it cannot access or communicate with other systems, which helps mitigate any unauthorized access or data breaches. Simply monitoring or gathering more information without taking action risks further exposure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to isolate an unauthorized device from the network?
Open an interactive chat with Bash
What are some standard security protocols that devices should follow?
Open an interactive chat with Bash
What steps should be taken after isolating an unauthorized device?