CompTIA CASP+ (CAS-004) — Question 124
A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very old and outdated OSs. Which of the following solutions would prevent these vulnerabilities from being introduced into the company's existing infrastructure?
Answer options
- A. Segment the systems to reduce the attack surface if an attack occurs.
- B. Migrate the services to new systems with a supported and patched OS.
- C. Patch the systems to the latest versions of the existing OSs.
- D. Install anti-malware, HIPS, and host-based firewalls on each of the systems.
Correct answer: B
Explanation
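The correct answer is B: migrating the services to new systems running a supported, patched OS removes the outdated operating systems that the critical vulnerabilities are attributed to, so those vulnerabilities are not carried into the company's existing infrastructure. Options A, C, and D all leave the obsolete OSs in place. Segmentation (A) only reduces the attack surface if an attack occurs, patching to the latest versions of the existing OSs (C) still leaves the systems on outdated OSs, and anti-malware, HIPS, and host-based firewalls (D) add protection around the systems without resolving the underlying issue.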