What you should do next?

seenagapeApril 26, 2014

You are the Risk Official in Bluewell Inc. You have detected much vulnerability during risk
assessment process. What you should do next?

PrepAway - Latest Free Exam Questions & Answers

A.
Prioritize vulnerabilities for remediation solely based on impact.

B.
Handle vulnerabilities as a risk, even though there is no threat.

C.
Analyze the effectiveness of control on the vulnerabilities’ basis.

D.
Evaluate vulnerabilities for threat, impact, and cost of mitigation.

Explanation:
Vulnerabilities detected during assessment should be first evaluated for threat, impact and cost of
mitigation. It should be evaluated and prioritized on the basis whether they impose credible threat
or not.
vulnerabilities. So, these are not immediate action after detecting vulnerabilities.
Answer B is incorrect. If detected vulnerabilities impose no/negligible threat on an enterprise then
it is not cost effective to address it as risk.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

What you should do next?

Leave a Reply Cancel reply