Which of the following is the best next step to ensure security?

A critical infrastructure switch is identified as end-of-support.

Which of the following is the best next step to ensure security?
A . Apply the latest patches and bug fixes.
B . Decommission and replace the switch.
C . Ensure the current firmware has no issues.
D . Isolate the switch from the network.

View Answer

Answer: B

Explanation:

Understanding End-of-Support:

End-of-Support Status: When a vendor declares a device as end-of-support, it means the device will no longer receive updates, patches, or technical support. This poses a security risk as new vulnerabilities will not be addressed.

Risks of Keeping an End-of-Support Device:

Security Vulnerabilities: Without updates, the switch becomes susceptible to new security threats.

Compliance Issues: Many regulatory frameworks require that critical infrastructure be maintained with supported and secure hardware.

Best Next Step – Replacement:

Decommission and Replace: The most secure approach is to replace the end-of-support switch with a new, supported model. This ensures the infrastructure remains secure and compliant with current standards.

Planning and Execution: Plan for the replacement by evaluating the network’s needs, selecting a suitable replacement switch, and scheduling downtime for the hardware swap. Comparison with Other Options:

Apply the Latest Patches: While helpful, this does not address future vulnerabilities since no further patches will be provided.

Ensure the Current Firmware Has No Issues: This is only a temporary measure and does not mitigate future risks.

Isolate the Switch from the Network: Isolating the switch may disrupt network operations and is not

a viable long-term solution.

Reference: CompTIA Network+ study materials on network maintenance and security best practices.