Answered

Welcome to Westonci.ca, the place where your questions find answers from a community of knowledgeable experts. Our Q&A platform provides quick and trustworthy answers to your questions from experienced professionals in different areas of expertise. Get immediate and reliable solutions to your questions from a community of experienced professionals on our platform.

A regional transportation and logistics company recently hired its first ChiefInformation Security Officer (CISO). The CISO’s first project after onboardinginvolved performing a vulnerability assessment against the company’s publicfacing network. The completed scan found a legacy collaboration platformapplication with a critically rated vulnerability. While discussing this issue with theline of business, the CISO learns the vulnerable application cannot be updatedwithout the company incurring significant losses due to downtime or newsoftware purchases.

Required:
What BEST addresses these concerns?

Sagot :

Martebi

There are different ways to create solutions to problem. What Best addresses these concerns is that;

  • The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.

How do firms use a WAF to protect their applications?

  • A WAF is known to be often used by firms to protects their web apps through the use of filtering, monitoring, and hindering (blocking)any forms of malicious HTTP/S traffic moving to the web application.

They often prevents any unauthorized data from leaving the app. This WF will be a useful approach to addresses these concerns in the above scenario.

See options below

Which of the following BEST addresses these concerns?

A. The company should plan future maintenance windows such legacy application can be updated as needed.

B. The CISO must accept the risk of the legacy application, as the cost of replacing the application greatly exceeds the risk to the company.

C. The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.

D. The company should build a parallel system and perform a cutover from the old application to the new application, with less downtime than an upgrade.

Learn more about vulnerability assessment from

https://brainly.com/question/25633298

Visit us again for up-to-date and reliable answers. We're always ready to assist you with your informational needs. We appreciate your visit. Our platform is always here to offer accurate and reliable answers. Return anytime. We're glad you chose Westonci.ca. Revisit us for updated answers from our knowledgeable team.