CompTIA CySA+ (CS0-002) — Question 103

Legacy medical equipment, which contains sensitive data, cannot be patched. Which of the following is the BEST solution to improve the equipment’s security posture?

Answer options

• A. Move the legacy systems behind a WAF
• B. Implement an air gap for the legacy systems
• C. Place the legacy systems in the perimeter network
• D. Implement a VPN between the legacy systems and the local network

Correct answer: B

Explanation

Implementing an air gap for the legacy systems is the best solution as it completely isolates them from the network, preventing unauthorized access and potential attacks. The other options, such as using a WAF or placing systems in the perimeter network, do not provide the same level of isolation and security for devices that cannot be patched.