CompTIA SecurityX (CAS-005) — Question 198

In a recent audit, several critical legacy systems, which are externally exposed so that a specific vendor can manage them remotely, were identified. These systems must remain available to the vendor for the next six months. A security team segmented the network so these systems can only communicate with internal resources. Which of the following actions would be most appropriate to restore the vendor's access to manage these systems?

Answer options

• A. Disable all connections to the systems, and implement a backup solution to capture the needed data to send to the vendor on a weekly basis.
• B. Create a VPN connection and set up firewall rules so only specific connections are allowed to those systems.
• C. Disable external connections to those systems for the next six months.
• D. Isolate the critical systems so they can only be remotely managed from the internet.

Correct answer: B

Explanation

The correct answer is B, as creating a VPN connection with specific firewall rules allows secure remote access for the vendor while maintaining control over the connections. Option A is incorrect because disabling all connections would prevent the vendor from accessing the systems entirely. Option C also prevents vendor access, and option D does not align with the requirement for remote management by the vendor.