Question

Ben is responding to a security incident and determines that the attacker is using systems on Ben's network to attack a third party. Which one of the following containment approaches will prevent Ben's systems from being used in this manner?

A. Removal
B. Isolation
C. Detection
D. Segmentation

Answer 1

Segmentation is the most appropriate containment approach to prevent Ben's systems from being used by the attacker.

Step-by-step explanation:

In this scenario, the most appropriate containment approach to prevent Ben's systems from being used by the attacker is Segmentation.

Segmentation involves separating or isolating different parts of a network to prevent unauthorized access and control over sensitive systems. By implementing segmentation, Ben can restrict access to his systems and prevent the attacker from using them to launch attacks against a third party.

For example, Ben can create separate network segments or VLANs (Virtual Local Area Networks) for different groups or types of systems. This way, even if the attacker gains access to one segment or VLAN, they will be isolated and unable to move laterally to other segments that may contain more critical systems.