A serious vulnerability is reported in the firewall software used by an organization.
Which of the following should be the immediate action of the information security manager?
A . Ensure that all OS patches are up-to-date
B . Block inbound traffic until a suitable solution is found
C . Obtain guidance from the firewall manufacturer
D . Commission a penetration test
Answer: C
Explanation:
The best source of information is the firewall manufacturer since the manufacturer may have a patch to fix the vulnerability or a workaround solution. Ensuring dial all OS patches are up-to-date is a best practice, in general, but will not necessarily address the reported vulnerability. Blocking inbound traffic may not be practical or effective from a business perspective. Commissioning a penetration test will take too much time and will not necessarily provide a solution for corrective actions.
Leave a Reply