A security team identifies a critical vulnerability on a server supporting a mission-critical business process. Remediation requires taking the server offline, which will cause an unacceptable business interruption. What is the most appropriate initial strategy to address this risk?
Postpone the remediation until the next scheduled maintenance window.
Immediately apply the patch to eliminate the vulnerability.
Accept the risk until a less disruptive remediation is possible.
Implement compensating controls to reduce the immediate risk.
The most appropriate initial strategy is to implement compensating controls. This allows the organization to reduce the immediate risk of the critical vulnerability while a plan is made to apply the permanent fix (the patch) in a way that minimizes business disruption, such as during a scheduled maintenance window. Immediately applying the patch ignores the stated business requirement of no interruption. Postponing remediation or simply accepting the risk without any mitigation leaves the organization unacceptably exposed to a critical threat.