In response to a security incident involving unauthorized access to file servers, an enterprise wishes to enhance its security architecture to limit the risk of future breaches spreading from individual workstations to critical servers. Which of the following would be the most effective method to accomplish this?
You selected this option
Remove all non-essential services running on the workstations.
You selected this option
Create subdivided areas within the network, each with controlled access to corporate servers.
You selected this option
Update the permissions for all files on the servers to limit workstation access.
You selected this option
Activate firewall software on all workstations within the network.
Establishing subdivided areas within a network allows a company to control access in and between those areas, thereby restricting the movement of potential threats from one network segment to another. This technique enforces separation between user workspaces and sensitive server assets, hence this method is the most effective for the given scenario. Though disabling unnecessary services and enabling endpoint firewalls are good practices, they do not by themselves prevent potential lateral movement across the network. Adjusting permissions may help but does not inherently isolate the server resources from the workstations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are subdivided areas in a network?
Open an interactive chat with Bash
What does controlled access to corporate servers mean?
Open an interactive chat with Bash
Why are disabling non-essential services and activating firewalls not enough to prevent breaches?