Exam CV0-003 topic 1 question 83 discussion

For me, it just makes sense to create a problem ticket first, then update the ticket stating you udated the risk register. D. Raise a problem ticket. Raising a problem ticket should be the first action taken by the administrator. This allows the issue to be formally documented and tracked, ensuring that it is properly addressed within the organization's processes and procedures. Additionally, it provides a means for communication with relevant stakeholders, including the application vendor, and helps prioritize the resolution of the security issue. Shutting down the server or upgrading the OS might be necessary steps in resolving the issue but should come after the problem ticket has been raised and the appropriate actions planned. Updating the risk register is important but not the first action to take in this scenario, as the immediate focus should be on addressing the security issue and initiating the resolution process.

Updating the risk register is the first and most appropriate action in this scenario. Here's why: Immediate action: While consulting the vendor is necessary, it's a longer-term solution. Updating the risk register immediately documents the identified security issue, its potential impact, and the ongoing mitigation efforts. Risk management: This step aligns with the principle of proactive risk management, which is essential in a secure government environment. Communication: Updating the risk register ensures that all relevant stakeholders are aware of the issue and its potential consequences. Once the risk register is updated, the administrator can proceed with other actions, such as isolating the VM or applying temporary mitigations while waiting for a permanent solution.

"first action WHILE working on a resolution" so something secondary to communicating with the vendor, essentially insinuating that they already have by this point. Since none of the answers says hot fix, the next possible logical step would be to figure out all the affected devices by updating the risk register.

The first action is update the risk register!!!

In a secure government environment, it is important to follow proper procedures and protocols when dealing with security issues. The risk register should be updated first to document the security issue and ensure that all necessary steps are taken to mitigate the risk. Shutting down the server or upgrading the OS should only be done after proper risk assessment and consultation with the application vendor. Raising a problem ticket may be necessary, but it should not be the first action taken in this situation.

D. Raise a problem ticket. The FIRST action that the cloud administrator should take while working on resolving the recently identified security issue on the OS of a VM that is running a facility-management application in a cloud environment is to raise a problem ticket. A problem ticket will allow the administrator to track the progress of the issue and ensure that it is being addressed in a timely manner. It will also allow for proper documentation of the issue and any actions taken to resolve it.

D. Raise a problem ticket. The first action the administrator should take while working on the resolution is to raise a problem ticket. This will ensure that the issue is properly documented, tracked, and communicated with the appropriate stakeholders. It also helps in prioritizing and managing the issue until it is resolved. In the meantime, the administrator can consult the application vendor for guidance on resolving the security issue.

I think it's correct with D. It emphasizes FIRST, and the first thing that is normally done in an IT department is create a ticket. When the Log4j vulnerability happened, our department created a ticket for each machine it was found on and assigned it to the VM owner.

C. The risk register is updated with information on new risks as an output of this process.

If it's an OS security issue, why are they contacting the application vendor? I'm not fully understanding the question.