ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

Your company hosts its web application on Amazon EC2. A recent Amazon Inspector scan completed the discovery phase and produced a list of medium- and high-severity findings. Following the vulnerability management lifecycle, the security team needs to move to the next phase before any changes are made to the instances. Which action BEST represents the prioritization/analysis phase?

  • Run a new Amazon Inspector assessment to confirm that previously reported vulnerabilities no longer appear.

  • Apply the latest operating-system and application patches to all EC2 instances with AWS Systems Manager Patch Manager.

  • Use the CVSS scores from Amazon Inspector to rank findings and align them with business criticality to build a remediation backlog.

  • Document any remaining vulnerabilities and route a residual-risk acceptance memo to executive leadership for approval.

Risk Identification, Monitoring and Analysis