A vulnerability scan has identified a critical flaw in a company's legacy web application. The company is unable to update the application due to dependencies on outdated technologies. What is the BEST action to mitigate the risk posed by this vulnerability?
Isolate the application on its own network segment
Raise awareness and provide training about the vulnerability
Implement a web application firewall (WAF)
Change business requirements to discontinue the use of the application
Implementing a web application firewall (WAF) is the best mitigation in this scenario. It provides an additional layer of security by filtering and monitoring HTTP traffic between the application and the internet. Unlike patching or updating, which may not be possible due to dependencies, a WAF can help protect the vulnerable application by blocking malicious traffic. Changing business requirements may not adequately address the security risk, and while awareness and training are important, they don't directly mitigate the vulnerability.