An organization relies on a legacy application that cannot be updated or patched due to business-critical dependencies. However, the IT security team is concerned about potential vulnerabilities. Which of the following is the BEST way to ensure the security of the network while maintaining the availability of the application?
You selected this option
Apply the latest security patches to all systems on the network, including the legacy application.
You selected this option
Implement an allow list for network access to the legacy application.
You selected this option
Replace the legacy application with a modern, more secure application that performs an equivalent function.
You selected this option
Conduct full network monitoring to detect any anomalous activities that might suggest a breach via the legacy application.
The correct option is to implement an allow list for the legacy application. This would ensure that only authorized users and traffic are allowed to interact with the application, reducing the risk of exploitation of its vulnerabilities. The incorrect options may offer some benefits, but they do not directly address the security risks associated with the use of a vulnerable legacy application without interfering with its operations. Applying the latest security patches might not be feasible for legacy applications due to compatibility issues, and full network monitoring or replacing the application might not be possible due to business dependencies.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an allow list and how does it work?
Open an interactive chat with Bash
Why can't I just apply security patches to legacy applications?
Open an interactive chat with Bash
What are some common vulnerabilities associated with legacy applications?