In an audit finding, critical PCs (used to transfer large funds n these PCs do not hv Internet
access Nor email clients in them) were found to be pingable n could map drives to normal
PCs ( to hv internet access n drive sharing can propagate ransomwares/malware) in same
We were told these 2 different categories of PCs she'd be logically segregated. As we don't want
To create separate Vlans n do major network restructuring, Can we do
1. Super sub netting n use Cisco ACLs to segregate the 2 groups of PCs? Is this ACLs
using MAC address?
2. Create Windows firewall rules on the critical PCs
3. What else?