A. Segmentation
Segmentation is the best approach to handle a critical business application running on a legacy server. By segmenting the legacy server from the rest of the network, you can limit the potential impact of any vulnerabilities associated with the legacy system. This approach allows the critical application to continue running while minimizing the risk to the rest of the network.
Therefore, the correct answer is:
A. Segmentation
Hardening involves implementing security measures to protect the application from threats while maintaining its availability. While segmentation and isolation can also be part of a security strategy, they are more about limiting access or separating the legacy system from other network segments, which might not be feasible for a critical business application that requires interaction with other systems.
Hardening involves measures such as patches, removing unnecessary services, and tightening configurations to reduce vulnerabilities. While hardening is crucial, it may not be sufficient on its own for handling a legacy server due to the inherent limitations and risks of older systems.
Isolation might be a better strategy because it minimizes the exposure of the legacy server to the rest of the network and reduces the potential impact of any security issues on other systems.
B. Isolation
CompTIA Sec+ Student Guide - Unsupported systems and Applications: "One strategy for dealing with unsupported apps that cannot be replaced is to try to isolate them from other systems. The idea is to reduce opportunities for a threat actor to access the vulnerable app and run exploit code. Using isolation as a substitute for patch management is an example of a compensating control."
In the context of the CompTIA Security+ (SY0-701) Exam Objectives, managing legacy systems is crucial due to their inherent security challenges. These systems often lack vendor support, making them susceptible to vulnerabilities. To mitigate risks associated with legacy systems, isolation is a recommended strategy. Isolating legacy systems involves restricting their network access to essential communications only, thereby reducing potential attack vectors.
B. Isolation
Explanation:
A legacy server running a critical business application poses security risks because it may no longer receive updates or security patches. Isolation is the best approach because it minimizes the risk of compromise while allowing the application to continue running.
For this question I choose "Segmentation" but...
Segmentation is ideal when the legacy server requires internet access through the company's web proxy. It keeps the server within a secure, isolated network segment, ensuring it can access the internet while minimizing risks to other parts of the network.
Isolation is the better approach when the legacy server only needs to be powered on for specific local operations. It provides a higher level of security by completely separating the server from other systems and network resources.
A. Segmentation.
Segmentation isolates the legacy server within the network, minimizing the attack surface while still allowing necessary communication.
Other options:
B - Isolation may be too restrictive.
C - Hardening is limited due to outdated systems.
D - Decommissioning isn't viable for critical applications.
Segmentation provides a balanced approach, enhancing security while maintaining functionality.
A legacy server is a server that is running outdated or unsupported software or hardware, which may pose security risks and compatibility issues.
Hardening is the process of applying security measures and configurations to a system to reduce its attack surface and vulnerability.
Isolation is the most effective approach to ensure the legacy system is protected while continuing to support critical business functions, making B the correct choice.
Given the constraints associated with legacy systems, B. Isolation is the most practical approach to mitigate security risks. By isolating the legacy server, you can protect it and the broader network from potential vulnerabilities.
D. Decommissioning
While segmentation, isolation, and hardening can be useful security measures, the best long-term solution for a legacy application is to decommission it and replace it with a more modern and secure alternative. Legacy systems are often difficult to patch, update, and secure, making them prime targets for cyberattacks. By decommissioning the legacy server, the organization can reduce its attack surface and improve its overall security posture.
A. Segmentation
This is a critical business application; if the system is isolated, it would not function properly.
Segmentation would allow the legacy server to continue operating within the network while restricting its communication to only necessary systems and users. This reduces the attack surface and helps protect the rest of the network from potential vulnerabilities associated with the legacy server.
One of the best ways to handle a legacy server running a critical business application is to harden it. Hardening is the process of applying security measures and configurations to a system to reduce its attack surface and vulnerability.