During a routine penetration test of a customer’s physical data center, a penetration tester observes that no changes have been made to the production firewalls in more than five years. Which of the following is the most appropriate remediation technique to reduce the risk of future security breaches?
To address no changes being made to production firewalls in over five years, the most appropriate remediation technique is to implement SSH key rotation. Regularly rotating SSH keys is essential for maintaining secure access controls to the firewalls. This practice ensures that access is restricted to authorized personnel, and keys that may be compromised or outdated are replaced. This directly helps in reducing the potential risk of unauthorized access and subsequent security breaches by ensuring that firewall management remains secure and up-to-date.
To reduce the risk of future security breaches related to outdated firewall configurations D. SSH key rotation: Regularly rotating SSH keys is a good practice for maintaining secure access to systems, including firewalls. However, the primary concern here seems to be the lack of updates to the firewall rules and configurations. Therefore, more broadly, this issue highlights the need for regular reviews and updates of firewall rules and configurations to ensure they are aligned with current security best practices and threats. A. Video surveillance: While important for physical security, it does not directly address the issue of outdated firewall configurations. B. Biometric controls: This also pertains to physical security and access control rather than network security or firewall management. C. Password encryption: While critical for protecting credentials, it does not directly affect firewall configuration management or updates.
The only answer that addresses outdated firewall configurations
Trick question - "physical data center" I believe the mentioning of the firewall is irrelevant as they are talking about physical security. Thus, B is the correct answer.
SSH key rotation involves regularly changing SSH keys to ensure secure access controls are maintained. This practice can help secure the management of firewalls, especially if they haven't been updated or changed in a long time, by preventing unauthorized access due to compromised or outdated keys