CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

A cybersecurity analyst is reviewing the vulnerabilities associated with an older, mission-critical application. The application cannot be updated or patched without significant downtime, which would impact business operations. After evaluating the application's vulnerabilities, it is determined that they are not actively being exploited in the wild and the potential impact is low. The environment is heavily monitored with numerous compensating controls in place to detect any malicious activity. Which course of action is most appropriate for the cybersecurity analyst to recommend in this scenario?

  • Recommend mitigating the risk immediately by taking the application offline for patching.

  • Recommend accepting the risk and continue monitoring for any changes in threat exposure.

  • Recommend avoiding the risk by ceasing the use of the application and seeking an alternative solution.

  • Recommend transferring the risk to a third-party vendor specializing in legacy application security.

Subscribe to avoid duplicate questions and track your progress over time

Your Score:
Vulnerability Management
Security Operations
Incident Response and Management
Reporting and Communication
CompTIA CySA+ CS0-003
  • Security Operations
  • Vulnerability Management
    • This question is filed here
  • Incident Response and Management
  • Reporting and Communication