CompTIA CySA+ CS0-003 Practice Question
A cybersecurity analyst is tasked with managing vulnerabilities on the network. Among the assets are legacy systems that cannot be updated or patched due to vendor support limitations. Given this constraint, what is the BEST approach to mitigate the risks associated with these systems?
Applying patches without vendor support
Decommissioning the systems immediately
Implementing compensating controls
Accepting the risk without taking further action