CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During a routine vulnerability assessment, it is discovered that a financial application critical to year-end reporting contains a vulnerability that, if exploited, could compromise sensitive financial data. The patch for this vulnerability would necessitate multiple service interruptions over a week. With year-end financial processes pending, which recommendation should the cybersecurity analyst prioritize in the action plan to ensure the least disruption while maintaining security?

  • Proceed with repatching during the year-end processing period due to the critical nature of the vulnerability.

  • Increase logging and monitoring around the financial application but do not apply the patch or any compensating controls until an assessment post year-end is conducted.

  • Leave the system unpatched and accept the risk because year-end reporting is considered a higher priority.

  • Implement compensating controls and defer patching until after the year-end processing, minimizing disruption to business operations.

This question is for objective:
Reporting and Communication
Your Score:
Reporting and Communication
Security Operations
Vulnerability Management
Incident Response and Management