CompTIA Security+ (SY0-601) — Question 204

A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The OSs are still supported by the vendor, but the industrial software is no longer supported. The Chief Information Security Officer has created a resiliency plan for these systems that will allow OS patches to be installed in a non-production environment, while also creating backups of the systems for recovery. Which of the following resiliency techniques will provide these capabilities?

Answer options

• A. Redundancy
• B. RAID 1+5
• C. Virtual machines
• D. Full backups

Correct answer: C

Explanation

The correct answer is C, as virtual machines allow for the creation of isolated environments where OS patches can be tested without affecting production systems. Options A and B do not specifically address the need for isolated environments for patching, while D only pertains to backup processes without providing a way to safely test OS updates.