CompTIA CySA+ (CS0-002) — Question 314
A company's security team recently discovered a number of workstations that are at the end of life. The workstation vendor informs the team that the product is no longer supported, and patches are no longer available. The company is not prepared to cease its use of these workstations. Which of the following would be the BEST method to protect these workstations from threats?
Answer options
- A. Deploy whitelisting to the identified workstations to limit the attack surface.
- B. Determine the system process criticality and document it.
- C. Isolate the workstations and air gap them when it is feasible.
- D. Increase security monitoring on the workstations.
Correct answer: C
Explanation
Isolating the workstations and air gapping them provides the most effective defense against threats, as it disconnects them from potentially harmful external networks. While whitelisting and increased monitoring can help, they do not mitigate the inherent risks of using unsupported systems as effectively as isolation does.