A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place?
A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place?
Deploying the COTS application with a hardened configuration is crucial for mitigating security risks. Hardening involves implementing secure settings, removing unnecessary features and services, and applying security best practices to reduce vulnerabilities and potential attack vectors. By configuring the COTS solution in a hardened manner, security professionals can minimize the potential for exploitation and unauthorized access, making it a vital control measure.
The risk of what? The application being dangerous to the corporate network or the application being vulnerable to external exploits? Either way segmentation makes more sense imo.
True. Network Segmentation makes sense. It minimize the exposure. How can you harden COTS? It's a ready-made product.
I would think this mean hardening the OS, not COTS
Exactly - ensuring no unnecessary ports or services are running, access to the internet is configured properly (if at all needed), proper acl is setup, etc.
Even if you harden the configuration It will not help If there is vulnerability in the software code which is exploited by attacker. Attacker may access your network through legitimate way to exploits your network If network segmentation is not in the place.
Refer to CISSP official study guide 9th chapter 20- 20.1.11
D. Hardening I am hardening security by segmenting and limit access as needed. Segmentation is a part of Hardening.
I remembered OSG recommended D, harderning config. for COTS. Again, very important, please confine my solution within the context here. A? network segmentation could be an option, but is not the first step I shall do and is out of question context. I choose D.
A. Network Segmentation - when introducing a new pet into your house, you have to learn the behavior and interaction with other pets before you let him loose. same here, as a security personnel you must know exactly what you introducing before hand and must be on segmented part of the network that shutting an interface can terminate all possible risks on the rest of the network. trust but verify
D. Hardened the system that will host the COTS. Segmenting it will kill the functionality of the solution.
D. Hardened configuration. Deploying the COTS application with a hardened configuration is an effective way to mitigate security risks. Hardening involves implementing secure settings, removing unnecessary features and services, and applying security best practices to reduce vulnerabilities and potential attack vectors. By configuring the COTS solution in a hardened manner, security professionals can minimize the potential for exploitation and unauthorized access.
ChatGPT says: D
Even if you put this in a separate network segment it needs to be hardened because it is off the shelf.
The question says control . Hardened configuration will mitigate if there is possibility of an attack. I will go with Network segmentation
Answer is D. A COTS application is not necessarily hardened by default. For example, the government uses STIGs to tell admins how to harden some applications.
I'm saying D. As far as risk from attackers goes, I would lean towards network segmentation, however, general risk includes a lot of other factors like user accessibility, interoperability issues, etc. Segmenting it could introduce a much larger and complex workload and ultimately make it risky in that sense.
Answer D) Hardened configuration This means you remove/change configurations you don't need/want as well as change default usernames/passwords/ports/etc... Segmenting a network won't help as it would still leave the COTS exposed with defaults readily available to be exploited.
think like a manager with technical experience and common sense :)
No one knows the configuration of COTS, and it didn't mention, then the best way is the segmentation to lower the exposure.
Harden configuration is important for cots.
D. Network segmentation isn't per application, it's separating prod and non-prod, so that's out. Blacklisting is blocking, to allow an application you whitelist but that just allows the application to run. D is the answer, when you harden the config you make it so that the attack surface is greatly reduced.