Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
An organization is close to going live with the implementation of a cloud-based application. Independent penetration test results have been received that show a high-rated vulnerability. Which of the following would be the BEST way to proceed?
A.
Postpone the implementation until the vulnerability has been fixed.
B.
Commission further penetration tests to validate initial test results.
C.
Assess whether the vulnerability is within the organization's risk tolerance levels.
D.
Implement the application and request the cloud service provider to fix the vulnerability.
The Questions says: "..high-rated vulnerability. Which of the following would be the BEST way to proceed?"
so it's already known as high not risk tolerance in my opinion accept high-rated vulnerability
Moreover the key word is "BEST way to proceed" not saying the first
So the answer more to be:
D. Implement the application and request the cloud service provider to fix the vulnerability.
C. Assess whether the vulnerability is within the organization's risk tolerance levels.
Ultimately, the decision should be based on a comprehensive understanding of the vulnerability's impact on the organization's security posture and its ability to function effectively with the vulnerability in place.
The best way to proceed would be to assess whether the vulnerability is within the organization's risk tolerance levels. If the vulnerability is within the organization's risk tolerance levels, then the organization can proceed with the implementation of the cloud-based application. If the vulnerability is not within the organization's risk tolerance levels, then the organization can either postpone the implementation until the vulnerability has been fixed or commission further penetration tests to validate the initial test results.
C. Assess whether the vulnerability is within the organization's risk tolerance levels.
The best way to proceed in this situation is to assess whether the vulnerability is within the organization's risk tolerance levels. This will involve considering the severity of the vulnerability, the likelihood of it being exploited, and the impact of a successful attack. If the vulnerability is not within the organization's risk tolerance levels, then the implementation of the cloud-based application should be postponed until the vulnerability has been fixed.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
jcisco123
3 months agotestersaj
6 months, 2 weeks agooluchecpoint
7 months, 2 weeks agorichck102
9 months, 2 weeks agokoala_lay
10 months, 1 week agoJae_kes
10 months, 1 week agojcmu11
11 months ago