Creating a separate network for users who need access tothe application is the best action to secure an internal application that is critical to the production area and cannot be updated.
Why Separate Network?
Network Segmentation: Isolates the critical application from the rest of the network, reducing the risk of compromise and limiting the potential impact of any security incidents.
Controlled Access: Ensures that only authorized users have access to the application, enhancing security and reducing the attack surface.
Minimized Risk: Segmentation helps in protecting the application from vulnerabilities that could be exploited from other parts of the network.
Other options, while beneficial, do not provide the same level of security for a critical application:
A. Disallow wireless access: Useful but does not provide comprehensive protection.
B. Deploy intrusion detection capabilities using a network tap: Enhances monitoring but does not provide the same level of isolation and control.
C. Create an acceptable use policy: Important for governance but does not provide technical security controls.
[References:, CompTIA SecurityX Study Guide, NIST Special Publication 800-125, "Guide to Security for Full Virtualization Technologies", "Network Segmentation Best Practices," Cisco Documentation, , , , , ]
