CISSP Question #469: Real Exam Question with Answer & Explanation
The correct answer is B: Air-gap and harden the host used for management purposes. The question asks how to best manage the risk of a legacy ICS that requires remote management through a vulnerable Java-based administrative console that cannot be replaced.
Question
An organization operates a legacy Industrial Control System (ICS) to support its core business service, which cannot be replaced. Its management MUST be performed remotely through an administrative console software, which in turn depends on an old version of the Java Runtime Environment (JRE) known to be vulnerable to a number of attacks. How is this risk BEST managed?
Options
- A. Isolate the full ICS by moving it onto its own network segment
- B. Air-gap and harden the host used for management purposes
- C. Convince the management to decommission the ICS and migrate to a modern technology
- D. Deploy a restrictive proxy between all clients and the vulnerable management station
Explanation
The question asks how to best manage the risk of a legacy ICS that requires remote management through a vulnerable Java-based administrative console that cannot be replaced.
Common mistakes.
- A. Isolating the entire ICS onto its own network segment reduces exposure but does not directly address the vulnerability in the management console's JRE, which could still be exploited by anyone with access to that segment.
- C. The question explicitly states the ICS cannot be replaced, making decommissioning not a viable option regardless of management persuasion.
- D. Deploying a restrictive proxy may filter some traffic but does not adequately protect against the full range of JRE vulnerabilities, especially application-layer exploits that could pass through the proxy.
Concept tested. Compensating controls for legacy ICS with vulnerable dependencies