The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives: Reduce the number of potential findings by the auditors. Limit the scope of the audit to only devices used by the payment-processing team for activities directly impacted by the regulations. Prevent the external-facing web infrastructure used by other teams from coming into scope. Limit the amount of exposure the company will face if the systems used by the payment-processing team are compromised. Which of the following would be the MOST effective way for the security team to meet these objectives?
A) Limit the permissions to prevent other employees from accessing data owned by the business unit.
B) Segment the servers and systems used by the business unit from the rest of the network.
C) Deploy patches to all servers and workstations across the entire organization.
D) Implement full-disk encryption on the laptops used by employees of the payment-processing team.
Correct Answer:
Verified
Q18: An information security analyst observes anomalous behavior
Q19: A storage area network (SAN) was inadvertently
Q20: During an investigation, a security analyst determines
Q21: Because some clients have reported unauthorized activity
Q22: During a cyber incident, which of the
Q24: Which of the following sets of attributes
Q25: A development team is testing a new
Q26: A security analyst is building a malware
Q27: A security analyst is reviewing the following
Q28: A monthly job to install approved vendor
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents