A company has identified critical vulnerabilities in its web servers. As part of the action plan, what is the most appropriate first step the organization should take to mitigate these vulnerabilities?
Update the configuration management database (CMDB)
Apply available patches to the affected web servers
Initiate an awareness program to educate employees about the vulnerability
Implement compensating controls to reduce the risk
The correct first step in mitigating critical vulnerabilities is to perform initial triage and apply available patches or fixes. By doing so, you reduce the immediate risk posed by the vulnerabilities. Configuration management, compensating controls, and awareness training are all important parts of the overall action plan but should follow the immediate mitigation efforts.