An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?
D. Compensating controls
The actions taken by the organization—disabling unneeded services and placing a firewall in front of a business-critical legacy system—are examples of compensating controls. Compensating controls are security measures that are implemented to mitigate risk when the primary controls are not feasible or sufficient. In this case, since the legacy system might have inherent vulnerabilities that cannot be fully addressed, the organization has implemented additional controls to reduce the risk.
Therefore, the correct answer is:
D. Compensating controls
By implementing compensating controls (disabling unneeded services and using a firewall), the organization is mitigating the risks associated with the legacy system in the absence of being able to fully secure it through traditional means.
Segmentation means seperate, you're not seperating anything. You're disabling one thing and inputting something else to implement additional security. D is correct.
Compensating controls is the best choice because the actions taken by the organization are intended to mitigate the risks associated with a legacy system when more standard security measures cannot be applied. By implementing these alternative controls, the organization effectively enhances the security of the legacy system without requiring direct updates or changes to its structure.
best describes the "actions taken"??
Segmentation is the action taken by the organisation to have Compensating controls. B is the corect answer. Hope that helps.
The actions taken by the organization best describe
D. Compensating controls.
These measures are implemented to mitigate potential risks associated with the legacy system, ensuring its security despite inherent vulnerabilities.
Compensating controls are alternative measures implemented to mitigate the risk of a vulnerability when the primary controls cannot be applied. In this scenario, the organization has:
Disabled unneeded services: This reduces the attack surface of the legacy system, limiting potential vulnerabilities.
Placed a firewall in front of the system: This provides an additional layer of security, controlling and monitoring the traffic to and from the legacy system.
This section is not available anymore. Please use the main Exam Page.SY0-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Th3irdEye
Highly Voted 11 months, 2 weeks agoEtc_Shadow28000
Highly Voted 10 months, 3 weeks agoEngAbood
Most Recent 3 months agoG3O
4 months agodeejay2
6 months, 1 week agodbrowndiver
9 months agoCyberPark17
11 months, 1 week agonetworkmen
11 months, 2 weeks agojohnsongr8
11 months, 2 weeks agoSHADTECH123
11 months, 2 weeks agowhatsupdeepak
11 months, 2 weeks ago