A security analyst is inspecting the results of a recent internal vulnerability scan that was performed against intranet services.The scan reports include the following critical-rated vulnerability: Title: Remote Command Execution vulnerability in web server Rating: Critical (CVSS 10.0)Threat actor: any remote user of the web serverConfidence: certain -Recommendation: apply vendor patchesWhich of the following actions should the security analyst perform FIRST?
A. Escalate the issue to senior management.
B. Apply organizational context to the risk rating.
C. Organize for urgent out-of-cycle patching.
D. Exploit the server to check whether it is a false positive.
Answer: B. Apply organizational context to the risk rating.
Computer Science & Information Technology
You might also like to view...
After issuing the proper command to configure a static route, the prompt does which of the following?
A) Does not change; remains at router (config#) B) Changes to router(config-static) C) Does not change; remains at router (config)# D) Changes to router (config-static)#
Computer Science & Information Technology
The process of stripping the header and trailer from a PDU is called ____________.
Fill in the blank(s) with the appropriate word(s).
Computer Science & Information Technology