Free CompTIA CySA+ CS0-003 Practice Question

After the discovery of a significant new vulnerability that affects a widely used web server application, your organization needs to determine the most appropriate response. The vulnerability allows remote code execution and has a high CVSS score. There is a patch available, but extensive testing has not yet been completed. What is the most appropriate immediate action to take?

  • Disconnect all web servers from the network until the patch can be tested, sacrificing availability for security.

  • Accept the risk and wait for other organizations to report on the patch's effectiveness before applying it.

  • Implement a compensating control until the patch can be fully tested and deployed.

  • Implement the untested patch immediately to all production servers to mitigate the vulnerability as quickly as possible.

This question's topic:
CompTIA CySA+ CS0-003 / 
Vulnerability Management
Your Score:

Check or uncheck an objective to set which questions you will receive.