As the RADAR Program is preparing for the Preliminary Design Review (PDR), the system security engineering (SSE) team performs a vulnerability assessment of the legacy software code in the task management/radar control interface. This is a Level I critical component. The system security engineer requests the contractor submit a vulnerability code analysis. The contractor analyzes 2% of the code of interest and finds a high level of vulnerability based on 15 to 18 vulnerabilities per 10 thousand lines of code, with half the errors deemed most severe. Based on the high level of vulnerability in the sample code that was analyzed, which four of the following are reasonable next steps? (Select the four alternatives that apply.) Rewrite all the code (cost impact: Near Certainty (VH); risk reduction: 2) Determine if there is a subset of the legacy code with the high level of exploitable vulnerabilities (cost impact: Low Likelihood (L); risk reduction: 0) Establish secure shipping methods (cost impact: M; risk reduction: 1) Remediate the portion of the legacy code with the highest level of exploitable vulnerabilities (cost impact: High Likelihood (H); risk reduction: 2) Perform additional vulnerability analysis of some or all of the code (cost impact: Likely (M); risk reduction: 0) Determine whether there are protections that can be put around the legacy code to reduce the exposure of the vulnerabilities (cost impact: L-M, risk reduction: 2)