After the discovery of a significant new vulnerability that affects a widely used web server application, your organization needs to determine the most appropriate response. The vulnerability allows remote code execution and has a high CVSS score. There is a patch available, but extensive testing has not yet been completed. What is the most appropriate immediate action to take?
Implement a compensating control until the patch can be fully tested and deployed.
Implement the untested patch immediately to all production servers to mitigate the vulnerability as quickly as possible.
Accept the risk and wait for other organizations to report on the patch's effectiveness before applying it.
Disconnect all web servers from the network until the patch can be tested, sacrificing availability for security.
The correct answer is 'Implement a compensating control until the patch can be fully tested and deployed.' In this scenario, where a critical vulnerability is present and a patch is available but not fully tested, it is essential to ensure the security of the environment while preventing service interruptions. Compensating controls are temporary measures put in place until the primary control (patch) can be implemented. On the other hand, implementing an untested patch risks unintended consequences which could disrupt services, and simply accepting the risk leaves the system vulnerable to potential attacks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are compensating controls and how do they work?
Open an interactive chat with Bash
What does CVSS stand for and why is it important?
Open an interactive chat with Bash
What risks are associated with not testing patches before deployment?