This is a dedicated watch page for a single video.
A risk practitioner identifies several servers that have not been updated with patches in over a year because the operating systems are no longer supported. Given these servers still run mission-critical applications, which of the following should be done FIRST?