Question

A regional transportation and logistics company recently hired its first ChiefInformation Security Officer (CISO). The CISO’s first project after onboardinginvolved performing a vulnerability assessment against the company’s publicfacing network. The completed scan found a legacy collaboration platformapplication with a critically rated vulnerability. While discussing this issue with theline of business, the CISO learns the vulnerable application cannot be updatedwithout the company incurring significant losses due to downtime or newsoftware purchases.
Required:
What BEST addresses these concerns?

Answer 1

There are different ways to create solutions to problem. What Best addresses these concerns is that;

• The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.

How do firms use a WAF to protect their applications?

• A WAF is known to be often used by firms to protects their web apps through the use of filtering, monitoring, and hindering (blocking)any forms of malicious HTTP/S traffic moving to the web application.

They often prevents any unauthorized data from leaving the app. This WF will be a useful approach to addresses these concerns in the above scenario.

See options below

Which of the following BEST addresses these concerns?

A. The company should plan future maintenance windows such legacy application can be updated as needed.

B. The CISO must accept the risk of the legacy application, as the cost of replacing the application greatly exceeds the risk to the company.

C. The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.

D. The company should build a parallel system and perform a cutover from the old application to the new application, with less downtime than an upgrade.

Learn more about vulnerability assessment from

brainly.com/question/25633298