CompTIA CySA+ CS0-003 Practice Question
Your organization relies on a legacy system that cannot be easily replaced or upgraded due to its critical role in business operations. A new vulnerability has been discovered in this system, and immediate patching is not feasible. Which of the following actions should be prioritized to best address the vulnerability?
Implement compensating controls specifically designed to mitigate the risk associated with the vulnerability.
Plan an immediate upgrade of the system despite the associated business process interruption risks.
Disconnect the system from the network and cease all operations until a patch is available.
Ignore the vulnerability, accepting the risk due to the system's critical business function.