Your organization uses a popular office suite for document creation and spreadsheet management. The security team has discovered a reported vulnerability in the suite's document rendering component that could allow an attacker to execute arbitrary code. What is the FIRST action that should be taken to mitigate this threat?
You selected this option
Install a new, more powerful antivirus solution to detect potential exploitation attempts.
You selected this option
Apply the latest software patch provided by the vendor addressing the vulnerability.
You selected this option
Disable internet access for all systems running the vulnerable version of the office suite.
You selected this option
Change the default document format used within the organization to an alternative format.
The correct action to take first is to apply the software patch provided by the vendor if one is available. Patch management is a critical security control that can mitigate vulnerabilities that have been discovered and addressed by the software provider. Installing a new antivirus in this case would not remove the existing vulnerability in the software, although it might provide some protection against malware that attempts to exploit the vulnerability. Changing the document format might avoid the vulnerability, but it is not a viable long-term solution and would likely disrupt normal business operations. Disabling internet access would prevent some exploitation attempts, but would not address the vulnerability itself and would likely disrupt business operations.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is patch management?
Open an interactive chat with Bash
Why are software patches important?
Open an interactive chat with Bash
What could happen if I don't apply a security patch?