CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

Your organization employs a proprietary industrial control system (ICS) in its manufacturing process. There are known vulnerabilities for which no patches exist due to the out-of-support nature of the system. As a cybersecurity analyst preparing a vulnerability management report, how should you classify this issue taking into account the inhibitors to remediation?

  • Indicate that no action is needed while accepting all inherent risks because the system is proprietary.

  • Advise the immediate discontinuation of the proprietary system until a patch is available.

  • Suggest waiting for a vendor-supplied patch as the sole course of action.

  • Recommend implementing compensating controls to minimize the risk posed by the vulnerabilities.

This question is for objective:
Reporting and Communication
Your Score:
Reporting and Communication
Security Operations
Vulnerability Management
Incident Response and Management