Examice

Exam CAS-004 All QuestionsBrowse all questions from this exam

Question 423

A security team performed an external attack surface analysis and discovered the following issues on a group of application servers:

• The majority of the systems have end-of-life operating systems.

• The latest patches that are available are over two years old.

• The systems are considered mission critical for client support.

• The proprietary software running on the systems is not compatible with newer versions of the operating system.

• Server outages would negatively affect quarterly revenue projections.

Which of the following would allow the security team to immediately mitigate the risks inherent to this situation?

Implement a WAF between the application servers and the external perimeter.

Contact the vendor for the proprietary software and negotiate a new maintenance contract.

Document the application servers as being end of life and define a target date for decommission.

Isolate the servers from the internet and configure an internal ACL, only allowing to authorized employees.

Correct Answer: D

To immediately mitigate the risks associated with outdated systems running mission-critical applications, isolating the servers from the internet and configuring an internal ACL to allow access only to authorized employees is the best course of action. This helps prevent external threats from exploiting the vulnerabilities in the end-of-life operating systems and outdated patches, while still allowing necessary internal access to ensure ongoing mission-critical operations.

Discussion

cf13076Option: D

D. Isolate the servers from the internet and configure an internal ACL, only allowing authorized employees. By isolating the servers from the internet and configuring an internal ACL to only allow authorized employees access, the security team can immediately mitigate the risks associated with the end-of-life operating systems and outdated patches on the application servers. This will help protect the systems from external threats while still allowing authorized employees to access them for mission-critical tasks.

saucehozzOption: D

D. The only answer that mitigates the risks

isaphiltrick

Sure, isolating servers from the Internet may mitigate the external risks, but what about the internal risks? Afterall, there haven't been any support or security updates for 2 years so no matter whether they're secluded or even air-gapped, they're still vulnerable.