A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files
to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?
Disabling unnecessary accounts
Rogue machine detection
Encrypting sensitive files
Rogue machine detection is the process of detecting devices on the network that should not be there. If a user brings in a laptop and plugs it into the network, the laptop is a “rogue machine”. The laptop could cause problems on the network. Any device on the network that should not be there is classed as rogue.