A security analyst is inspecting the results of a recent internal vulnerability scan that was performed against intranet services. The scan reports include the following critical-rated vulnerability: Title: Remote Command Execution vulnerability in web server Rating: Critical (CVSS 10.0) Threat actor: any remote user of the web server Confidence: certain Recommendation: apply vendor patches Which of the following actions should the security analyst perform FIRST?
A) Escalate the issue to senior management.
B) Apply organizational context to the risk rating.
C) Organize for urgent out-of-cycle patching.
D) Exploit the server to check whether it is a false positive.
Correct Answer:
Verified
Q246: A security engineer is configuring a wireless
Q247: A third-party penetration testing company was able
Q248: After a recent internal breach, a company
Q249: To determine the ALE of a particular
Q250: During a routine vulnerability assessment, the following
Q252: A company offers SaaS, maintaining all customers'
Q253: Company A agrees to provide perimeter protection,
Q254: A penetration tester is conducting an assessment
Q255: A security administrator needs to address the
Q256: A security administrator learns that PII, which
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents