A routine vulnerability scan identifies a newly disclosed zero-day flaw (CVSS 9.8) in the HTTPS stack of an internet-facing web server. The vendor has not released a patch or official workaround. Which immediate action will best mitigate the risk until a permanent fix becomes available?
Escalate the finding to senior management and await further guidance
Block all external network access to the web server until a patch is available
Begin drafting a post-incident lessons-learned report
Install the latest OS and application patches even though the vulnerability remains
Because no vendor patch currently exists, the quickest way to prevent exploitation is to block the vulnerable service from external access-either by disconnecting the host or by enforcing a firewall rule that denies inbound traffic to the web server. This containment (isolation) reduces the attack surface while you monitor for a patch, test it, and schedule full remediation. Other options (installing existing but ineffective patches, performing post-incident analysis, or waiting for management direction) do not immediately remove exposure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is isolating the affected server the most effective first step?
Open an interactive chat with Bash
What are some common methods used to isolate a server?
Open an interactive chat with Bash
What might happen if I don't isolate the server right away?