CDR ソリューションを使用したセキュリティ評価中に、セキュリティ エンジニアはシステム内の資産に関する次のレポートを生成します。

5 日後、EDR コンソールは、ホスト 0WIN23 がリモート アクセス型トロイの木馬に感染したことを報告します。感染の原因として最も考えられるのは次のどれですか。
正解:A
OWIN23 is running Windows 7, which is a legacy operating system. Many EDR solutions no longer provide full support for outdated operating systems like Windows 7, which has reached its end of life and is no longer receiving security updates from Microsoft. This makes such systems more vulnerable to infections and attacks, including remote access Trojans (RATs).
A . OWIN23 uses a legacy version of Windows that is not supported by the EDR: This is the most probable cause because the lack of support means that the EDR solution may not fully protect or monitor this system, making it an easy target for infections.
B . LN002 was not supported by the EDR solution and propagates the RAT: While LN002 is unmanaged, it is less likely to propagate the RAT to OWIN23 directly without an established vector.
C . The EDR has an unknown vulnerability that was exploited by the attacker: This is possible but less likely than the lack of support for an outdated OS.
D . OWIN29 spreads the malware through other hosts in the network: While this could happen, the status indicates OWIN29 is in a bypass mode, which might limit its interactions but does not directly explain the infection on OWIN23.
Reference:
CompTIA Security+ Study Guide
NIST SP 800-53, "Security and Privacy Controls forInformation Systems and Organizations" Microsoft's Windows 7 End of Support documentation