Which of the following should be the immediate action of the information security manager?

Posted by: Pdfprep Category: CISM Tags: , ,

A serious vulnerability is reported in the firewall software used by an organization.

Which of the following should be the immediate action of the information security manager?
A . Ensure that all OS patches are up-to-date
B . Block inbound traffic until a suitable solution is found
C . Obtain guidance from the firewall manufacturer
D . Commission a penetration test

Answer: C

Explanation:

The best source of information is the firewall manufacturer since the manufacturer may have a patch to fix the vulnerability or a workaround solution. Ensuring dial all OS patches are up-to-date is a best practice, in general, but will not necessarily address the reported vulnerability. Blocking inbound traffic may not be practical or effective from a business perspective. Commissioning a penetration test will take too much time and will not necessarily provide a solution for corrective actions.

Leave a Reply

Your email address will not be published.