CompTIA CySA+ (CS0-002) — Question 18
A security analyst has discovered malware is spreading across multiple critical systems and is originating from a single workstation, which belongs to a member of the cyberinfrastructure team who has legitimate administrator credentials. An analysis of the traffic indicates the workstation swept the network looking for vulnerable hosts to infect. Which of the following would have worked BEST to prevent the spread of this infection?
Answer options
- A. Vulnerability scans of the network and proper patching
- B. A properly configured and updated EDR solution
- C. A honeynet used to catalog the anomalous behavior and update the IPS
- D. Logical network segmentation and the use of jump boxes
Correct answer: D
Explanation
Logical network segmentation isolates parts of the network from one another, which limits the ability of malware to propagate across the entire network. Jump boxes add an additional layer of security by controlling access to sensitive areas, making it harder for malware to spread. While the other options may improve overall security, they do not provide the same level of containment as effective segmentation.