Which of the following would most likely prevent exploitation of an end-of-life business-critical system?
Isolation is the most effective way to reduce the risk of exploitation for an end-of-life business-critical system that must remain operational.
An end-of-life (EOL) system no longer receives security patches, updates, or vendor support, making it highly vulnerable to cyberattacks. If the system is still business-critical and cannot yet be replaced, isolating it from other networks and limiting access significantly reduces the likelihood that attackers can exploit its vulnerabilities.
Monitoring can help detect suspicious activity or attempted attacks, but it does not prevent exploitation. Attackers may still successfully compromise the system before administrators can respond.
Isolation, also called network segmentation or system isolation, limits the system’s exposure to external threats by restricting network access and communication. Keeping the EOL system separated from the internet and other internal systems greatly reduces the attack surface and helps prevent exploitation.
Decommissioning would permanently eliminate the security risk by removing the system from service. However, the question specifies that the system is business-critical, meaning it likely cannot be immediately retired without disrupting operations.
Encryption protects the confidentiality of data, both at rest and in transit, but it does not prevent attackers from exploiting unpatched vulnerabilities in the operating system or applications.
For an end-of-life system that must continue operating, isolation is the best preventive measure because it minimizes exposure to attackers while allowing the organization to maintain critical business functions until the system can be replaced or upgraded.
Related Questions
View allAn organization designs an inbound firewall with a fall-open configura...
Which of the following is the best safeguard to protect against an ext...
A penetration tester enters an office building at the same time as a g...
Which of the following is a preventive physical security control?
A company that has a large IT operation is looking to better control s...
Related Quizzes
View allCompTIA A Plus Certification Exam
CompTIA A Plus Exam Questions
CompTIA A Plus 1001 Exams Practice
CompTIA A Plus Practice Exam
CompTIA CySA+ Cybersecurity Analyst Certification all in One Exam Guide
CompTIA Network Plus Certification Exam Quiz
CompTIA Security Plus Exam Answers
Free CompTIA Security Plus Practice Test
CompTIA Security Plus Simulation Questions
CompTIA Security Plus 501 Practice Questions
- ✓ 500+ Practice Questions
- ✓ Detailed Explanations
- ✓ Progress Analytics
- ✓ Exam Simulations