The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?

Posted by: Pdfprep Category: CAS-002 Tags: CompTIA CASP, CAS-002 exam questions, CAS-002 practice exam Post Date: December 8, 2020

The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?
A . Virtualize the system and migrate it to a cloud provider.
B . Segment the device on its own secure network.
C . Install an antivirus and HIDS on the system.
D . Hire developers to reduce vulnerabilities in the code.

Answer: B

Author

Pdfprep

Author

Leave a Reply Cancel reply