An Industrial Control System environment is using a unique microcontroller with minimal memory. The device cannot support new updates, yet it is essential for operations. The security team wants to reduce external exposure. Which approach best preserves operational requirements while reducing unauthorized access attempts?
Use isolated network segmentation for the device to limit potential infiltration
Disable monitoring on the device to reduce network demands
Continue to push patches frequently to address potential weaknesses
Swap out the device with equivalent hardware following each detected issue
Placing the device on an isolated network segment allows precise traffic management and prevents attacks from spreading. Trying to patch a device that cannot support updates is ineffective. Disabling monitoring forfeits critical oversight for detecting malicious behavior. Replacing the device after issues arise does not address underlying vulnerabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is network segmentation in an Industrial Control System (ICS) environment?
Open an interactive chat with Bash
Why is patching ineffective for devices that cannot support updates?
Open an interactive chat with Bash
How does isolating a device reduce unauthorized access attempts?