An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?
D. Compensating controls
The actions taken by the organization—disabling unneeded services and placing a firewall in front of a business-critical legacy system—are examples of compensating controls. Compensating controls are security measures that are implemented to mitigate risk when the primary controls are not feasible or sufficient. In this case, since the legacy system might have inherent vulnerabilities that cannot be fully addressed, the organization has implemented additional controls to reduce the risk.
Therefore, the correct answer is:
D. Compensating controls
By implementing compensating controls (disabling unneeded services and using a firewall), the organization is mitigating the risks associated with the legacy system in the absence of being able to fully secure it through traditional means.
Segmentation means seperate, you're not seperating anything. You're disabling one thing and inputting something else to implement additional security. D is correct.
Compensating controls is the best choice because the actions taken by the organization are intended to mitigate the risks associated with a legacy system when more standard security measures cannot be applied. By implementing these alternative controls, the organization effectively enhances the security of the legacy system without requiring direct updates or changes to its structure.
best describes the "actions taken"??
Segmentation is the action taken by the organisation to have Compensating controls. B is the corect answer. Hope that helps.
The actions taken by the organization best describe
D. Compensating controls.
These measures are implemented to mitigate potential risks associated with the legacy system, ensuring its security despite inherent vulnerabilities.
Compensating controls are alternative measures implemented to mitigate the risk of a vulnerability when the primary controls cannot be applied. In this scenario, the organization has:
Disabled unneeded services: This reduces the attack surface of the legacy system, limiting potential vulnerabilities.
Placed a firewall in front of the system: This provides an additional layer of security, controlling and monitoring the traffic to and from the legacy system.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Th3irdEye
Highly Voted 7 months, 4 weeks agoEtc_Shadow28000
Highly Voted 7 months agoG3O
Most Recent 1 week, 4 days agodeejay2
2 months, 3 weeks agodbrowndiver
5 months, 1 week agoCyberPark17
7 months, 2 weeks agonetworkmen
7 months, 3 weeks agojohnsongr8
7 months, 3 weeks agoSHADTECH123
7 months, 3 weeks agowhatsupdeepak
7 months, 3 weeks ago