Exam CAS-004 topic 1 question 469 discussion

without interrupting services

Ans is D. The key word there is without interrupting the service. The best control to mitigate the risk without interrupting the service during the transition is: D. Configuring IPS and WAF with signatures. Implementing an Intrusion Prevention System (IPS) and a Web Application Firewall (WAF) with appropriate signatures can help detect and block malicious traffic targeting the vulnerable runtime engine. This approach allows the application to remain operational while providing an additional layer of security until the transition to modern environments is complete.

Selectively blocking traffic might help reduce the risk but could also prevent legitimate traffic, potentially affecting service availability or functionality. It is less targeted and effective than using an IPS and WAF to block known malicious activity.

Selectively blocking traffic on the affected port strikes a balance between security and operational continuity. It effectively mitigates the risk posed by the vulnerable and deprecated runtime engine while allowing the banking application to remain operational until the transition to a modern development environment is completed. This approach ensures that customer service is maintained without compromising security during the transitional phase. While IPS and WAF are valuable security measures, they are not specifically tailored to address the risks associated with a deprecated runtime engine. Configuring IPS and WAF with signatures is more effective for protecting against specific types of attacks but may not comprehensively mitigate the vulnerabilities in the runtime engine itself. Selectively blocking traffic on the affected port directly addresses the immediate risk posed by the deprecated component without introducing potential operational disruptions or incomplete protection scenarios that could arise from relying solely on IPS and WAF.