After the discovery of a significant new vulnerability that affects a widely used web server application, your organization needs to determine the most appropriate response. The vulnerability allows remote code execution and has a high CVSS score. There is a patch available, but extensive testing has not yet been completed. What is the most appropriate immediate action to take?
Implement the untested patch immediately to all production servers to mitigate the vulnerability as quickly as possible.
Disconnect all web servers from the network until the patch can be tested, sacrificing availability for security.
Accept the risk and wait for other organizations to report on the patch's effectiveness before applying it.
Implement a compensating control until the patch can be fully tested and deployed.
The correct answer is 'Implement a compensating control until the patch can be fully tested and deployed.' In this scenario, where a critical vulnerability is present and a patch is available but not fully tested, it is essential to ensure the security of the environment while preventing service interruptions. Compensating controls are temporary measures put in place until the primary control (patch) can be implemented. On the other hand, implementing an untested patch risks unintended consequences which could disrupt services, and simply accepting the risk leaves the system vulnerable to potential attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a compensating control?
Open an interactive chat with Bash
What is a CVSS score and why is it important?
Open an interactive chat with Bash
Why is it risky to immediately apply an untested patch in production?