CompTIA CySA+ (CS0-001) — Question 156

While reviewing three months of logs, a security analyst notices probes from random company laptops going to SCADA equipment at the company's manufacturing location. Some of the probes are getting responses from the equipment even though firewall rules are in place, which should block this type of unauthorized activity. Which of the following should the analyst recommend to keep this activity from originating from company laptops?

Answer options

• A. Implement a group policy on company systems to block access to SCADA networks.
• B. Require connections to the SCADA network to go through a forwarding proxy.
• C. Update the firewall rules to block SCADA network access from those laptop IP addresses.
• D. Install security software and a host-based firewall on the SCADA equipment.

Correct answer: A

Explanation

The correct answer is A because implementing a group policy can effectively restrict access to SCADA networks from company laptops, thereby preventing unauthorized probes. Options B and D do not directly address the issue of controlling access from the laptops, while option C, although useful, might not be as efficient as a policy that centrally manages access permissions.