Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?
A compensating control is a security measure that is implemented as a substitute or temporary measure when the primary control cannot be used or is not effective. In this scenario, a host-based firewall on a legacy Linux system allowing connections only from specific internal IP addresses acts as a compensating control. This is because it compensates for the limitations of using network-based firewalls or other advanced security measures due to the legacy nature of the system, thereby providing a method to control access and enhance security.
It is not mentioned that internal IP addresses have been separated from other network IP addresses, but that the host-based firewall is only allowed to communicate with and protect specific internal IP addresses. This would compensate for threats by mitigating possible attack surfaces that those internal addresses might be vulnerable to from OUTSIDE the network.
I agree with you
A. Compensating control. The keyword in the question is "legacy". Suppose that you have a legacy Linux server which is not compatible with those network-based firewalls, routers and multi-layer switches, which is preventing you not just from building VLANs (network segmentation), but also from applying a white-listing ACL technique against malicious IP addresses. So what you're going to do is use host-based firewalls as compensation for network appliances, to be able to accomplish a similar end result.
B. Network segmentation. Network segmentation involves dividing a computer network into smaller, isolated networks to improve security and reduce the impact of potential security breaches. By configuring the host-based firewall to allow connections only from specific internal IP addresses, the system is effectively segmenting the network to limit communication to authorized entities, thus enhancing security. Options such as compensating control (A), transfer of risk (C), and SNMP traps (D) do not accurately describe the scenario of restricting connections to specific internal IP addresses through a host-based firewall.
A. Compensating control. A compensating control is a security measure that is put in place to satisfy the requirements of a security policy or standard when the primary control cannot be implemented. In this case, the host-based firewall on a legacy Linux system allowing connections from only specific internal IP addresses serves as a compensating control to protect the system by limiting access to trusted sources. Therefore, the correct answer is: A. Compensating control
Whenever there is legacy mentioned it is 99% always going to be compensating controls or compensation.
In the context of the question, which involves a host-based firewall on a legacy Linux system allowing connections from only specific internal IP addresses, the primary goal is to enhance security by limiting access. This is a direct control measure rather than a compensating one. The firewall is not compensating for the inability to implement another control; it is the control itself, enforcing access restrictions based on IP addresses. By configuring the firewall to only allow connections to specific IP addresses, it is segmenting its network.
Answer B.
Compensating control
A. Compensating control
Logical network segmentation includes ACL implementation to allow or disallow specific IP addresses to communicate with a particular device.
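
The host-based allowlist that the question and the comments above describe, shown as an added example that is not part of the thread or any commenter's post. The 10.0.5.x source addresses, TCP port 22 and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Constructed values: the 10.0.5.x sources and TCP port 22.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print an iptables-restore ruleset: INPUT defaults to DROP, and new TCP
# connections to port $1 are accepted only from the listed single hosts.
render_allowlist_rules() {
    port=${1:-}
    [ "$#" -gt 0 ] && shift
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "invalid port: $port" >&2; return 1; }
    [ "$#" -gt 0 ] || { echo "empty allowlist" >&2; return 1; }
    # Validate everything first so a bad entry never yields a partial ruleset.
    for src in "$@"; do
        is_ipv4 "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # Very old kernels may need "-m state --state" instead of "-m conntrack".
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for src in "$@"; do
        echo "-A INPUT -s $src/32 -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

render_allowlist_rules 22 10.0.5.10 10.0.5.11
```

The output is in the format `iptables-restore` reads on standard input; review it before loading, since a default-drop INPUT policy also cuts off any management address missing from the list.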