A cybersecurity analyst is tasked with managing vulnerabilities on the network. Among the assets are legacy systems that cannot be updated or patched due to vendor support limitations. Given this constraint, what is the BEST approach to mitigate the risks associated with these systems?
Accepting the risk without taking further action
Applying patches without vendor support
Decommissioning the systems immediately
Implementing compensating controls