As a cybersecurity analyst, you have discovered a zero-day vulnerability in a widely used enterprise application. What is the most appropriate initial action to take in terms of vulnerability management reporting?
Assess the risk score of the vulnerability and start working on the development of a patch before reporting.
Initiate an incident report to document the vulnerability and start the communication process with relevant stakeholders.
Focus on monitoring network traffic for any signs of exploitation before reporting to avoid unnecessary alarm.
Document the vulnerability and send out a general email to all employees to ensure they are aware.
Upon discovering a zero-day vulnerability, the analyst should immediately initiate an incident report. This report should include the vulnerability details, potential risks, and the affected systems. Although it is important to assess the risk score and develop mitigation strategies, the incident must be reported first to rapidly address and communicate the situation through proper channels because zero-day vulnerabilities can be actively exploited and no patch is available. Patching would not be immediately possible, as a patch does not exist for a zero-day, and simply monitoring the network might not be adequate given the criticality of the threat.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a zero-day vulnerability?
Open an interactive chat with Bash
Why is initiating an incident report the first step in handling a zero-day vulnerability?
Open an interactive chat with Bash
What are examples of 'relevant stakeholders' in a zero-day vulnerability report?