CompTIA Security+ (SY0-601) — Question 251

A large industrial system’s smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company’s security manager notices the generator’s IP is sending packets to an internal file server’s IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

Answer options

Correct answer: A

Explanation

Implementing segmentation helps limit communication between the smart generator and other parts of the network, reducing the potential attack surface while still allowing the necessary alerts to be sent. A firewall allow list might restrict traffic too much, potentially blocking important alerts. Containment and isolation could lead to a loss of functionality or alerting capabilities, which is not desirable in this scenario.