Posted by: Pdfprep
Post Date: November 20, 2020
A company relies on an ICS to perform equipment monitoring functions that are federally mandated for operation of the facility. Fines for non-compliance could be costly. The ICS has known vulnerabilities and can no longer be patched or updated. Cyber-liability insurance cannot be obtained because insurance companies will not insure this equipment.
Which of the following would be the BEST option to manage this risk to the company’s production environment?
A . Avoid the risk by removing the ICS from production
B . Transfer the risk associated with the ICS vulnerabilities
C . Mitigate the risk by restricting access to the ICS
D . Accept the risk and upgrade the ICS when possible
Answer: B
Leave a Reply