CISA Exam Questions

CISA Exam - Question 698


An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?

Correct Answer: BD

The best way to reduce the immediate risk is to segregate the outdated software system from the main network. Segregation is a compensating control for a system that cannot be fixed for six months: placing it in its own segment and limiting traffic to and from it to what the business process actually needs contains the exposure, so a compromise of the unsupported software cannot be used as a foothold against the rest of the network. Monitoring network traffic is a detective control; it can reveal an attack in progress but does not stop one. Applying available patches is of limited value here because the vendor no longer issues patches for an unsupported version, so newly discovered flaws stay open. Closing unused ports reduces the attack surface but leaves the remaining open ports reachable from the whole network and does not offer the comprehensive risk reduction that segregation provides.
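As an added example that is not part of the exam page, the following Python models the compensating control the explanation describes: an allow-list that isolates an unsupported legacy host, rendered as an nftables forward chain with a default drop, and a replay of firewall log lines against the same allow-list to flag traffic the segregation should have stopped. The addresses, segment names, rule comments and log-line format are assumptions made for the example, and the sample log lines are constructed, not captured traffic.

```python
# Added example, not part of the original exam page. Addresses, segment
# names and the log format are assumptions made for illustration.
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
import re

LEGACY_HOST = ip_network("10.20.5.10/32")   # assumed: the unsupported system
USER_SEGMENT = ip_network("10.20.1.0/24")   # assumed: users who still need the app
BACKEND_DB = ip_network("10.20.3.5/32")     # assumed: the only backend it talks to


@dataclass(frozen=True)
class Rule:
    src: IPv4Network
    dst: IPv4Network
    dport: int
    comment: str


# Only the flows the business process needs; everything else to or from
# the legacy host is denied by default.
ALLOW_LIST = (
    Rule(USER_SEGMENT, LEGACY_HOST, 8443, "users to legacy web UI"),
    Rule(LEGACY_HOST, BACKEND_DB, 1433, "legacy app to its database"),
)


def is_allowed(src: IPv4Address, dst: IPv4Address, dport: int) -> bool:
    """True if a new connection src -> dst:dport matches the allow-list."""
    return any(src in r.src and dst in r.dst and dport == r.dport
               for r in ALLOW_LIST)


def flow_allowed(src: str, dst: str, dport: int) -> bool:
    """String-address convenience wrapper around is_allowed()."""
    return is_allowed(ip_address(src), ip_address(dst), dport)


def touches_legacy(src: IPv4Address, dst: IPv4Address) -> bool:
    return src in LEGACY_HOST or dst in LEGACY_HOST


def render_nftables() -> str:
    """Render the allow-list as an nftables forward chain (policy drop).

    Intended for the router/firewall between the legacy segment and the
    rest of the network; reply traffic is admitted via conntrack state.
    """
    lines = [
        "table inet legacy_isolation {",
        "  chain forward {",
        "    type filter hook forward priority 0; policy drop;",
        "    ct state established,related accept",
    ]
    for r in ALLOW_LIST:
        lines.append(
            f"    ip saddr {r.src} ip daddr {r.dst} tcp dport {r.dport} "
            f"ct state new accept comment \"{r.comment}\""
        )
    lines += [
        f"    ip saddr {LEGACY_HOST} log prefix \"legacy-egress-denied \" drop",
        f"    ip daddr {LEGACY_HOST} log prefix \"legacy-ingress-denied \" drop",
        "  }",
        "}",
    ]
    return "\n".join(lines)


LOG_RE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+)")


def find_violations(log_lines):
    """Replay connection log lines and return (src, dst, dport) tuples that
    involve the legacy host but are not on the allow-list."""
    violations = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # unrelated or malformed line
        src, dst, dport = ip_address(m[1]), ip_address(m[2]), int(m[3])
        if touches_legacy(src, dst) and not is_allowed(src, dst, dport):
            violations.append((str(src), str(dst), dport))
    return violations


# Constructed sample log lines for the example (not real traffic).
SAMPLE_LOG = [
    "2024-05-20T10:00:01Z action=new src=10.20.1.15 dst=10.20.5.10 dport=8443",
    "2024-05-20T10:00:02Z action=new src=10.20.5.10 dst=10.20.3.5 dport=1433",
    "2024-05-20T10:00:03Z action=new src=10.20.7.200 dst=10.20.5.10 dport=445",
    "2024-05-20T10:00:04Z action=new src=10.20.5.10 dst=192.0.2.44 dport=443",
    "2024-05-20T10:00:05Z action=new src=10.20.5.10 dst=10.20.1.15 dport=22",
    "2024-05-20T10:00:06Z action=new src=10.20.1.15 dst=10.20.3.5 dport=1433",
]

if __name__ == "__main__":
    print(render_nftables())
    for v in find_violations(SAMPLE_LOG):
        print("VIOLATION", v)
```

Run stand-alone, the script prints the ruleset and then three violations: SMB from another internal segment into the legacy host, the legacy host reaching out to an external address, and the legacy host opening SSH toward the user segment. The last internal flow (user to database) never touches the legacy host and is out of scope for this check. The point of pairing the ruleset with the log replay is that segregation and monitoring are complementary: the rules prevent, the replay confirms the rules are actually in force during the six-month window.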

Discussion

MunaM (Option: D)
Sep 7, 2022

I think the answer should be D.

Jag127 (Option: D)
Feb 13, 2023

Yes it should be D as keeping the system out of main network will protect the network from any vulnerability exposure

JONESKA (Option: D)
Jul 20, 2023

I would go with D. Put them on another VLAN.

Lusis (Option: B)
Oct 6, 2023

I think the answer still should be B, because of the fact that "it will take six months until the software is running on the current version". If it means that in 6 months the version will be changed and be supported, it doesn't make sense to segregate, but to monitor.

NotJamesCharles
Dec 11, 2023

I'm so sorry, but how exactly does monitoring the software reduce risk?

Sayed_Jawad (Option: D)
Feb 21, 2024

It should be D; the question is asking "to reduce", i.e. asking for mitigation. Monitoring is not a control. Monitoring and reviewing is a detective control.

starzuu (Option: D)
Jul 31, 2023

I feel like D is the safest, but then wouldn't D disrupt business processes?

starzuu
Aug 1, 2023

Never mind, it must be D.

Eiad1100 (Option: D)
May 20, 2024

D is the best immediate action to reduce the associated risk

Swallows (Option: A)
Jul 20, 2024

Older versions of software are no longer supported and may not be patched for new security vulnerabilities, so patching known vulnerabilities whenever possible helps minimize the risk of an attack.