Valid CAS-003 Dumps shared by EduDump.com for Helping Passing CAS-003 Exam! EduDump.com now offer the newest CAS-003 exam dumps, the EduDump.com CAS-003 exam questions have been updated and answers have been corrected get the newest EduDump.com CAS-003 dumps with Test Engine here:
A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?
Correct Answer: A
Explanation The payroll system is not meeting security policy due to missing OS security patches. We cannot apply the patches to the system because the vendor states that the system is only supported on the current OS patch level. Therefore, we need another way of securing the system. We can improve the security of the system and the other systems on the network by isolating the payroll system on a secure network to limit its contact with other systems. This will reduce the likelihood of a malicious user accessing the payroll system and limit any damage to other systems if the payroll system is attacked.