nerdexam
(ISC)2

CISSP · Question #1190

A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in ?

The correct answer is C. Hardened configuration. The best control to mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution is to deploy the application with a hardened configuration. A COTS solution is a type of software or hardware product that is ready-made, standardized, and available for purchase from a vend

Submitted by jian89· Mar 5, 2026Security Architecture and Engineering

Question

A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in ?

Options

  • AWhitelisting application
  • BNetwork segmentation
  • CHardened configuration
  • DBlacklisting application

How the community answered

(46 responses)
  • A
    15% (7)
  • B
    9% (4)
  • C
    72% (33)
  • D
    4% (2)

Explanation

The best control to mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution is to deploy the application with a hardened configuration. A COTS solution is a type of software or hardware product that is ready-made, standardized, and available for purchase from a vendor or a third party, without requiring any customization or modification by the customer or the user. A COTS solution can pose a security risk, as it may contain security vulnerabilities or issues that can be exploited by the attackers, or that may not comply with the security policies and standards of the organization. A hardened configuration is a type of security control that involves applying the security best practices and guidelines to configure the COTS solution, such as disabling or removing the unnecessary features, functions, or services, updating or patching the software or firmware, or enforcing the security settings or parameters. A hardened configuration can mitigate the risk of using a COTS solution, by reducing the attack surface and exposure of the COTS solution, and by enhancing the security, performance, and reliability of the COTS solution.

Topics

#COTS#security hardening#risk mitigation#secure configuration

Community Discussion

No community discussion yet for this question.

Full CISSP Practice