CompTIA CySA+ (CS0-002) — Question 348

A small organization has proprietary software that is used internally. The system has not been well maintained and cannot be updated with the rest of the environment. Which of the following is the BEST solution?

Answer options

• A. Virtualize the system and decommission the physical machine.
• B. Remove it from the network and require air gapping.
• C. Implement privileged access management for identity access.
• D. Implement MFA on the specific system.

Correct answer: B

Explanation

The best solution is to remove the system from the network and require air gapping, as this isolates it from potential threats and prevents further vulnerabilities. Virtualization may not address the underlying issues of the outdated software, while privileged access management and MFA would not eliminate the risks posed by such an unmaintained system.