A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?
The correct solution for supporting the environment and remaining compliant with security requirements is to use a jump box in the screened subnet. A jump box serves as a secure, hardened intermediary that privileged users must access before connecting to the sensitive environment. This setup ensures that access is tightly controlled, restricted to authorized endpoints, and enables detailed monitoring of access. It also aids in enforcing need-to-know restrictions and prevents direct access to sensitive data, thereby integrating seamlessly with DLP solutions to control data exfiltration.
So you are going to use NAC to support an environment from your workstation?? Sticking with C as a jumpbox is used specifically for this purpose
It sounds like option C, a jump box in the screened subnet, should be implemented for privileged users so they can support the environment from their workstations while remaining compliant. Option A, NAC (network access control), is a security technology that is used to control access to a network based on the identity of a device or user. It is not typically used to support an environment from workstations
Network Access Control (NAC) is used to bolster the network security by restricting the availability of network resources to managed endpoints that don't satisfy the compliance requirements of the Organization.
Jump box, hands down makes everything reliable and for sure. Minimizing the risk with only a small amount of overhead of the Jump Box. Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
To support the specific environment that handles sensitive data while remaining compliant with the security compliance requirement, it would be appropriate to implement a jump box in the screened subnet for privileged users. A jump box is a secure server that is used as a central point of access to a restricted network. It is typically used to provide remote access to a screened subnet, which is a network segment that is isolated from the rest of the network and is only accessible through a jump box or other secure access point. By using a jump box, privileged users can access the environment and support it from their workstations while still maintaining need-to-know restrictions and only connecting to authorized endpoints.
According to comptia book this is the descripton of a jump box/server
C; A jump box in the screened subnet; A jump box is used to perform administrative tasks or to access servers located within an environment
A jump box in the screened subnet should be implemented for privileged users so they can support the environment from their workstations while remaining compliant. A jump box is a secure and hardened intermediary system that privileged users can access before connecting to the target environment. This setup adds an extra layer of security by restricting direct access to sensitive environments and ensuring that only authorized endpoints can connect. By using a jump box, the organization can better control and monitor access to sensitive environments, making it easier to enforce need-to-know restrictions and maintain compliance
A jump box in the screened subnet is the best option to ensure privileged users can support the environment while remaining compliant with the security compliance requirement. This is because the jump box will provide access to the environment while enforcing the need-to-know restrictions and controlling the data from leaving the environment with the DLP solution. Additionally, it will also provide a secure connection to the environment that can be monitored and audited. Answer: C
Agree with great_lake1231. A jump box can be specially configured, highly hardened, and closely monitored.
Implementing a jump box in the screened subnet is the best solution to meet the compliance requirements. It provides a secure, controlled access point for privileged users, ensures connections are limited to authorized endpoints, and supports integration with DLP solutions to prevent unauthorized data exfiltration. Thus, the correct answer is: