Exam CS0-003 topic 1 question 16 discussion

I agreed with the comments of other colleagues below who selected answer A, had chosen B and spent a good amount of time reviewing it. After in-depth analysis, I realized and came to the conclusion that option A, “Proprietary Systems”, is the most appropriate. Proprietary systems are those controlled and managed by a specific vendor, and the company does not have the ability to make changes or updates without the vendor's assistance. This is evident in the situation described, where two critical systems cannot be updated due to a vendor device that the company does not have access to. On the other hand, legacy systems, which are older systems that are still in use, can be accessed and potentially updated by the company. However, in this scenario, the problem arises from systems that the company does not have access to, which is a characteristic of proprietary systems.

Properietary are like security appliances which are built and you don't have OS access and you cannot update until the vendor releases a patch for their own appliance

I believe answer is A - Proprietary system. The system is only known to the vendor and we have no full visibility with it.

I agreed with the comments of other colleagues below who selected answer A, had chosen B and spent a good amount of time reviewing it. After in-depth analysis, I realized and came to the conclusion that option A, “Proprietary Systems”, is the most appropriate. Proprietary systems are those controlled and managed by a specific vendor, and the company does not have the ability to make changes or updates without the vendor's assistance. This is evident in the situation described, where two critical systems cannot be updated due to a vendor device that the company does not have access to. On the other hand, legacy systems, which are older systems that are still in use, can be accessed and potentially updated by the company. However, in this scenario, the problem arises from systems that the company does not have access to, which is a characteristic of proprietary systems

Systems are critical and and involve a vendor appliance that the company does not have access to.

A. Proprietary systems because the company doesn't have access to them and it's not mentioned that the age of the system to imply that it would be B. legacy systems.

When we refer to proprietary systems, we mean systems or software that are owned and controlled by the company that produces and sells them. This ownership typically means that the vendor has exclusive rights to the source code and design, limiting the ability of other companies to modify, upgrade, or maintain those systems independently.

D. Lack of maintenance windows The fact that the two critical systems cannot be upgraded due to a vendor appliance represents a lack of maintenance windows. This means that there is no designated time when the systems can be taken offline for maintenance or upgrades without causing significant disruption to the organization's operations. Therefore, this inhibits the remediation of the associated vulnerabilities in these systems.

The best inhibitor to remediation that these systems and associated vulnerabilities represent is: **A. Proprietary systems** The critical systems cannot be upgraded because they rely on a vendor appliance that the company does not have access to, indicating that the systems are proprietary. This means that the company is dependent on the vendor for updates and upgrades, which limits the ability to remediate vulnerabilities independently.

Proprietary systems: These are systems or appliances that are developed and controlled by a specific vendor. In the context of your scenario, the critical systems cannot be upgraded due to being vendor-controlled appliances that the company does not have direct access to for upgrades or modifications. This situation is a common characteristic of proprietary systems, where the organization is dependent on the vendor for updates and cannot directly manage or remediate vulnerabilities on their own.

I chose A. Legacy systems are older systems that are no longer supported by the vendor. Because there is an upgrade available, that tells me it is still supported. So it has to be proprietary systems; something not owned by the operating company. They have to wait for the company that manufactured the system to give them access to the update.

The answer is A as it is explicitly stated that a 'vendor appliance' is the system in question, which are often proprietary hardware provided by the company that administrators do not have OS level access to. Think Fortinet/cisco appliances etc.

Just by what you'd excpect the definition of the word to be one would assume it's Proprietary but I believe it's actually Legacy. But under Topic 7B Proprietary systems are defined as being designed to serve a specific purpose and are tailored to an organization’s needs. Furthermore CompTIA goes on to specify that "They are often developed in-house, with the organization’s staff, rather than using outside vendors. Legacy systems are simply defined as "outdated systems or software applications that have been in use for an extended period". In this case the system is outdated but an "extended period" is a little too arbitrary. Poorly worded question in true CompTIA style but if it's testing who read the book then Legacy systems should be the answer here...

I select A Proprietary system because questions that relate to Legacy systems usually imply one way or another that the said system is "dated" or "old", if any of these kinds of word was used, the correct answer would be Legacy systems, but Proprietary Systems is right because it shows clearly that the systems are owned and protected and as such cannot be accessed like an "open-sourced" system.

Proprietary systems

Answer is B. Legacy Systems - These are older systems

A. Proprietary systems are systems that are owned and controlled by a specific vendor or manufacturer, and that use proprietary standards or protocols that are not compatible with other systems. Proprietary systems can pose a challenge for vulnerability management, as they may not allow users to access or modify their configuration, update their software, or patch their vulnerabilities