Exam SY0-701 topic 1 question 143 discussion

A. Segmentation Segmentation is the best approach to handle a critical business application running on a legacy server. By segmenting the legacy server from the rest of the network, you can limit the potential impact of any vulnerabilities associated with the legacy system. This approach allows the critical application to continue running while minimizing the risk to the rest of the network. Therefore, the correct answer is: A. Segmentation

Hardening involves implementing security measures to protect the application from threats while maintaining its availability. Segmentation and isolation can also be part of a security strategy, they are more about limiting access or separating the legacy system from other network segments, which might not be feasible for a critical business application that requires interaction with other systems.

Isolation (as stated in Comptia guides)

In this situation, I don't think hardening makes sense. Because it is a legacy system, it will still be vulnerable regardless of the security configuration of the system. If you add a firewall before the server, that starts to become segmentation. I also think that there is a theme here with the question bank for these types of questions where the answer for dealing with legacy servers is either segmentation or compensating controls. Decommissioning would be the best way but I don't think it works for this particular question because it doesn't recommend what to do after decommissioning so that the critical application can still run. Isolation doesn't make sense because then the network can't access the critical application. I hate these types of questions.

B. Isolation CompTIA Sec+ Student Guide - Unsupported systems and Applications: "One strategy for dealing with unsupported apps that cannot be replaced is to try to isolate them from other systems. The idea is to reduce opportunities for a threat actor to access the vulnerable app and run exploit code. Using isolation as a substitute for patch management is an example of a compensating control."

In the context of the CompTIA Security+ (SY0-701) Exam Objectives, managing legacy systems is crucial due to their inherent security challenges. These systems often lack vendor support, making them susceptible to vulnerabilities. To mitigate risks associated with legacy systems, isolation is a recommended strategy. Isolating legacy systems involves restricting their network access to essential communications only, thereby reducing potential attack vectors

B. Isolation Explanation: A legacy server running a critical business application poses security risks because it may no longer receive updates or security patches. Isolation is the best approach because it minimizes the risk of compromise while allowing the application to continue running.

For this question i choose "Segmentation" but.. Segmentation is ideal when the legacy server requires internet access through the company's web proxy. It keeps the server within a secure, isolated network segment, ensuring it can access the internet while minimizing risks to other parts of the network. Isolation is the better approach when the legacy server only needs to be powered on for specific local operations. It provides a higher level of security by completely separating the server from other systems and network resources.

A. Segmentation. Segmentation isolates the legacy server within the network, minimizing the attack surface while still allowing necessary communication. Other options: B-Isolation may be too restrictive C-Hardening is limited due to outdated systems D-Decommissioning isn't viable for critical applications. Segmentation provides a balanced approach, enhancing security while maintaining functionality.

A legacy server is a server that is running outdated or unsupported software or hardware, which may pose security risks and compatibility issues Hardening is the process of applying security measures and configurations to a system to reduce its attack surface and vulnerability

How about patching the legacy server first?

Isolation is the most effective approach to ensure the legacy system is protected while continuing to support critical business functions, making B the correct choice.

Given the constraints associated with legacy systems, B. Isolation is the most practical approach to mitigate security risks. By isolating the legacy server, you can protect it and the broader network from potential vulnerabilities.

D. Decommissioning While segmentation, isolation, and hardening can be useful security measures, the best long-term solution for a legacy application is to decommission it and replace it with a more modern and secure alternative. Legacy systems are often difficult to patch, update, and secure, making them prime targets for cyberattacks. By decommissioning the legacy server, the organization can reduce its attack surface and improve its overall security posture.

A Segmentation This is a critical business application if the system is isolated it would not function properly segmentation would Allow the legacy server to continue operating within the network while restricting its communication to only necessary systems and users. This reduces the attack surface and helps protect the rest of the network from potential vulnerabilities associated with the legacy server.

It is not Isolation. Isolation would mean blocking access altogether... That means it is either A or C. I am going with A though.

B. Isolation : Isolation goes a step further and completely cuts a system (critical business application) off from access to or from outside networks.