An organization suspects that various outside providers have data links into its environment that may not be documented. Security leadership wants to find these links while keeping typical daily operations going. Which approach meets this goal in a systematic way?
Invite external entities to contact the security team if they have established any link to internal systems
Wait for the annual compliance review to capture details on these connections
Deactivate outside connections until each provider requests a revised approval process
Cross-reference existing agreements for authorized access and follow up with an active scan to detect any unlisted network routes
The most effective and systematic approach is to compare existing authorized access agreements with active network scans. This helps identify undocumented or unauthorized data links without disrupting operations. Disabling connections abruptly can hinder business continuity, and relying on external entities to self-report introduces inaccuracy. Delaying action until the next audit leaves the organization exposed to ongoing risk.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an active network scan and how does it help detect unauthorized links?
Open an interactive chat with Bash
Why is cross-referencing authorized access agreements important?
Open an interactive chat with Bash
What risks are associated with delaying action until the next compliance review?