A security analyst receives a CVE bulletin, which lists several products that are used in the enterprise. The analyst immediately deploys a critical security patch. Which of the following BEST describes the reason for the analyst’s immediate action?
A. Nation-state hackers are targeting the region.
B. A new vulnerability was discovered by a vendor.
I can see why people would say B. The CVE website says its program is to identify, define and catalog publicly disclosed cyber security vulnerabilities. But because the analyst has deployed an immediate patch, that means there must be a known exploit for the vulnerability.
In my opinion, if a known exploit of the vulnerability is detected, that's way worse than just discovering a new vulnerability. A known exploit would require immediate action, so I'll go with C. Feel free to discuss.
A CVE (Common Vulnerabilities and Exposures) bulletin lists information about known security vulnerabilities in software or hardware products. If a security analyst receives a bulletin that lists several products used in the enterprise and the bulletin mentions a new vulnerability, the immediate action of deploying a critical security patch is appropriate. However, if a known exploit was discovered, the analyst might take other additional steps in addition to patching, such as monitoring network traffic for signs of exploitation and implementing mitigation techniques. So, the answer is B. A new vulnerability was discovered by a vendor.
To determine whether the recent attacks on a company's network were identical, the company should use the Diamond Model of Intrusion Analysis. This model is a framework for analyzing and understanding the various stages of a cyber attack and the techniques and tools used by the attacker. The Diamond Model provides a structured approach to gather and analyze data from the attack, such as IP addresses, domains, and files, and then compare them to previous attacks to determine if they are identical or not.
A CVE bulletin typically lists products that are affected by a newly-discovered vulnerability, and deploying a critical security patch is typically the recommended response to address the vulnerability. This approach helps to protect the enterprise from potential exploitation of the vulnerability by hackers or other malicious actors. The other options you provided are not typically included in a CVE bulletin or related to the deployment of a security patch.
A new vulnerability was discovered by a vendor. A CVE is a vulnerability of hardware/software per vendor or brand.