PrepAway - Latest Free Exam Questions & Answers

Which of the following should be the immediate action of the information security manager?

A serious vulnerability is reported in the firewall software used by an organization. Which of the
following should be the immediate action of the information security manager?

A. Ensure that all OS patches are up-to-date

B. Block inbound traffic until a suitable solution is found

C. Obtain guidance from the firewall manufacturer

D. Commission a penetration test

Explanation:

The best source of information is the firewall manufacturer since the manufacturer may have a
patch to fix the vulnerability or a workaround solution. Ensuring that all OS patches are up-to-date
is a best practice, in general, but will not necessarily address the reported vulnerability. Blocking
inbound traffic may not be practical or effective from a business perspective. Commissioning a
penetration test will take too much time and will not necessarily provide a solution for corrective
actions.

