The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives:
✑ Reduce the number of potential findings by the auditors.
✑ Limit the scope of the audit to only devices used by the payment-processing team for activities directly impacted by the regulations.
✑ Prevent the external-facing web infrastructure used by other teams from coming into scope.
✑ Limit the amount of exposure the company will face if the systems used by the payment-processing team are compromised.
Which of the following would be the MOST effective way for the security team to meet these objectives?
A. Limit the permissions to prevent other employees from accessing data owned by the business unit.
B. Segment the servers and systems used by the business unit from the rest of the network.
C. Deploy patches to all servers and workstations across the entire organization.
D. Implement full-disk encryption on the laptops used by employees of the payment-processing team.
The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance a
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance a
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!