0 votes
A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP.

Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

A. Segmentation
B. Firewall whitelisting
C. Containment
D. Isolation

1 Answer

2 votes

Final answer:

The security manager should implement segmentation to isolate the smart generator from the internal file server and prevent unauthorized communication between them.

Step-by-step explanation:

The best mitigation for the security manager to implement in this scenario is segmentation. Segmentation involves dividing the network into separate segments or subnets, with different security levels and access controls. By implementing segmentation, the security manager can isolate the smart generator from the internal file server, preventing any unauthorized communication between them.

This approach ensures that even if the smart generator is compromised, it will not have direct access to sensitive resources within the network.

For example, the security manager can place the smart generator and the file server on separate VLANs (Virtual Local Area Networks) and use ACLs (Access Control Lists) on the network switches to control communication between these VLANs.

by User Rikyeah (8.1k points)
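The VLAN-plus-ACL arrangement described in the answer above can be modelled as a first-match rule list. This is an added example, not part of the original answer; every subnet, address and port in it is an assumption constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Every address, subnet and port here is constructed for illustration.
GENERATOR_VLAN = ipaddress.ip_network("10.20.0.0/24")     # smart generator segment
ANY = ipaddress.ip_network("0.0.0.0/0")
ALERT_ENDPOINT = ipaddress.ip_network("203.0.113.25/32")  # third-party alert receiver


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None      # None matches any destination port


# ACL applied to traffic leaving the generator VLAN, evaluated top to bottom.
GENERATOR_EGRESS_ACL = [
    Rule("permit", GENERATOR_VLAN, ALERT_ENDPOINT, 443),  # keep alerting working
    Rule("deny", GENERATOR_VLAN, ANY),                    # all else, incl. file server
]


def evaluate(acl, src, dst, dport):
    """Return the action of the first matching rule; no match means deny."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in acl:
        if (src_ip in rule.src and dst_ip in rule.dst
                and rule.dport in (None, dport)):
            return rule.action
    return "deny"


# Constructed flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("10.20.0.15", "203.0.113.25", 443),  # generator -> alert receiver
    ("10.20.0.15", "10.10.0.8", 445),     # generator -> internal file server
    ("10.20.0.15", "203.0.113.25", 22),   # generator -> alert receiver, wrong port
]


def blocked_flows(acl, flows):
    """Flows the ACL would drop; these are the ones worth logging and reviewing."""
    return [f for f in flows if evaluate(acl, *f) == "deny"]


if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, evaluate(GENERATOR_EGRESS_ACL, *flow))
```

Only the alert flow is permitted; the file-server flow and the off-port flow fall through to the deny rule, which is where logging would surface the behaviour seen in the scenario.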