Crucial Exams

ISC2 CISSP Practice Question

A security assessment of a critical manufacturing system identified several high-risk vulnerabilities that cannot be patched due to operational constraints. When documenting these findings in the final report, what is the BEST approach to handling these exceptions?

  • You selected this option

    Document the vulnerabilities with compensating controls and a risk acceptance timeframe

  • You selected this option

    Document the vulnerabilities and outline interim measures since they are not fixed currently

  • You selected this option

    Recommend scheduling a system shutdown once patches can be applied

  • You selected this option

    Mark the vulnerabilities as false positives to clear them from the report

ISC2 CISSP
Security Assessment and Testing
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot