Question: There is a time lag between the time when a security vulnerability is first published, and the time when a patch is delivereD.) Which of the following should be carried out FIRST to mitigate the risk during this time period?
A.) Identify the vulnerable systems and apply compensating controls
B.) Minimize the use of vulnerable systems
C.) Communicate the vulnerability to system users
D.) Update the signatures database of the intrusion detection system (IDS)

Download pdf (with explanations) edition of this exam.