CompTIA Security+ (SY0-601) — Question 3

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

Answer options

• A. Default system configuration
• B. Unsecure protocols
• C. Lack of vendor support
• D. Weak encryption

Correct answer: C

Explanation

The correct answer, C, indicates that using legacy software often results in insufficient support from the vendor, making it difficult to address security vulnerabilities. Options A, B, and D may present risks, but they are not as directly related to the challenges posed by the absence of vendor support for outdated software.