Due to a recent acquisition, the security team must find a way to secure several legacy applications. During a review of the applications, the following issues are documented: The applications are considered mission-critical. The applications are written in code languages not currently supported by the development staff. Security updates and patches will not be made available for the applications. Username and passwords do not meet corporate standards. The data contained within the applications includes both PII and PHI. The applications communicate using TLS 1.0. Only internal users access the applications. Which of the following should be utilized to reduce the risk associated with these applications and their current architecture?
A) Update the company policies to reflect the current state of the applications so they are not out of compliance.
B) Create a group policy to enforce password complexity and username requirements.
C) Use network segmentation to isolate the applications and control access.
D) Move the applications to virtual servers that meet the password and account standards.
Correct Answer:
Verified
Q397: A small firm's newly created website has
Q398: Users have reported that an internally developed
Q399: A large, multinational company currently has two
Q400: An organization based in the United States
Q401: A company wants to secure a newly
Q403: A hospital is using a functional magnetic
Q404: A company contracts a security consultant to
Q405: An online bank has contracted with a
Q406: A government entity is developing requirements for
Q407: An internal penetration tester finds a legacy
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents