CompTIA Security+ (SY0-501) — Question 432

A company has critical systems that are hosted on an end-of-life OS. To maintain operations and mitigate potential vulnerabilities, which of the following BEST accomplishes this objective?

Answer options

• A. Use application whitelisting.
• B. Employ patch management.
• C. Disable the default administrator account.
• D. Implement full-disk encryption.

Correct answer: A

Explanation

Application whitelisting is the most effective method for controlling which applications can run on a system, thereby mitigating the risk of vulnerabilities on an end-of-life OS. Patch management, while important, may not be applicable since the OS is no longer supported. Disabling the default administrator account does not directly address the vulnerabilities of the OS itself, and full-disk encryption, while enhancing data security, does not protect the system from exploitation of its outdated software.