CompTIA
CAS-003 · Question #571
CAS-003 Question #571: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #571. The question stem and answer options stay visible for context.
Question
Due to a recent acquisition, the security team must find a way to secure several legacy applications. During a review of the applications, the following issues are documented: - The applications are considered mission-critical. - The applications are written in code languages not currently supported by the development staff. - Security updates and patches will not be made available for the applications. - Username and passwords do not meet corporate standards. - The data contained within the applications includes both PII and PHI. - The applications communicate using TLS 1.0. - Only internal users access the applications. Which of the following should be utilized to reduce the risk associated with these applications and their current architecture?
Options
- AUpdate the company policies to reflect the current state of the applications so they are not out
- BCreate a group policy to enforce password complexity and username requirements.
- CUse network segmentation to isolate the applications and control access.
- DMove the applications to virtual servers that meet the password and account standards.
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.