CS0-003 Domain 2: Vulnerability Management

Which compensating control mitigates unpatched legacy app?

Multiple choice — select one answer

Answer choices

  1. a. Cloud access security broker / DNS logs
  2. b. Service detection / SSL cipher tests
  3. c. Open critical count over time
  4. d. Network segmentation and WAF

Architectural breakdown & explanation

Segmentation limits exposure when patch impossible.

Correct answer(s): d. Network segmentation and WAF

Exam domain: Domain 2: Vulnerability Management (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the CompTIA CySA+ bank. Run a full timed practice exam with domain-weighted random questions in your browser.