A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?

Questions › Category: SY0-601 › A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?

0 Vote Up Vote Down

Admin Staff asked 12 months ago

A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?

A. Accept the risk if there is a clear road map for timely decommission.

B. Deny the risk due to the end-of-life status of the application.

C. Use containerization to segment the application from other applications to eliminate the risk.

D. Outsource the application to a third-party developer group.





 

Correct Answer: A

This question is in SY0-601 exam
For getting CompTIA Security+ certificate