🔥 3-day streak
CompTIA SecurityX (CAS-005)40 / 120
Question 40 of 120

A business unit at a financial services firm needs to deploy a legacy application that cannot support the company's mandatory 15-character password standard; the vendor confirms the platform is limited to 8 characters and will not be updated for 18 months. The business unit wants to proceed to meet a regulatory reporting deadline. As the security governance lead, what is the MOST appropriate way to handle this deviation from the established standard?

Reviewed for accuracy · Report an issueNext question