nerdexam
(ISC)2

CISSP · Question #12

What is the BEST approach to addressing security issues in legacy web applications?

The correct answer is B. Migrate to newer, supported applications where possible. Migrating to newer, supported applications where possible is the best approach to addressing security issues in legacy web applications. Legacy web applications are web applications that are outdated, unsupported, or incompatible with the current technologies and standards. Legac

Submitted by jaden.t· Mar 5, 2026Security Architecture

Question

What is the BEST approach to addressing security issues in legacy web applications?

Options

  • ADebug the security issues
  • BMigrate to newer, supported applications where possible
  • CConduct a security assessment
  • DProtect the legacy application with a web application firewall

How the community answered

(40 responses)
  • A
    5% (2)
  • B
    60% (24)
  • C
    13% (5)
  • D
    23% (9)

Explanation

Migrating to newer, supported applications where possible is the best approach to addressing security issues in legacy web applications. Legacy web applications are web applications that are outdated, unsupported, or incompatible with the current technologies and standards. Legacy web applications may have various security issues, such as: Vulnerabilities and bugs that are not fixed or patched by the developers or vendors Weak or obsolete encryption and authentication mechanisms that are easily broken or bypassed Lack of compliance with the security policies and regulations that are applicable to the web Incompatibility or interoperability issues with the newer web browsers, operating systems, or platforms that are used by the users or clients Migrating to newer, supported applications where possible is the best approach to addressing security issues in legacy web applications, because it can provide several benefits, such as: Enhancing the security and performance of the web applications by using the latest technologies and standards that are more secure and efficient Reducing the risk and impact of the web application attacks by eliminating or minimizing the vulnerabilities and bugs that are present in the legacy web applications Increasing the compliance and alignment of the web applications with the security policies and regulations that are applicable to the web applications Improving the compatibility and interoperability of the web applications with the newer web browsers, operating systems, or platforms that are used by the users or clients

Topics

#legacy application security#application modernization#risk mitigation#security strategy

Community Discussion

No community discussion yet for this question.

Full CISSP Practice