While assessing a web application, you detect a critical weakness that allows unauthorized commands to run on the server. The designated contact is not replying, and the business is exposed. Which action addresses this pressing concern?
Turn off the targeted server to halt suspicious activities until a response is received
Conclude all evaluations and summarize the vulnerability in the finalized report
Correlate evidence about the vulnerability and wait for the next scheduled briefing so everyone learns about the risk
Send a notification to the backup individual named in the project contact plan
Contacting the next official in the established chain ensures the pressing flaw is communicated to someone able to act. Delaying until a meeting risks further loss, disabling the server can disrupt the environment, and omitting an interim warning creates potential exposure. Logging details in the final report is not a direct response to an ongoing threat.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a project contact plan in the context of vulnerability management?
Open an interactive chat with Bash
Why is it critical to notify the backup contact when the primary contact is unavailable?
Open an interactive chat with Bash
What are the risks of delaying vulnerability communication until a scheduled briefing?