When a major vulnerability in the security of a critical web server is discovered, immediate notification should be made to the:
A.
system owner to take corrective action.
B.
incident response team to investigate.
C.
data owners to mitigate damage.
D.
development team to remediate.
Explanation:
In order to correct the vulnerabilities, the system owner needs to be notified quickly before an incident can take place. Choice B is not correct because the incident has not taken place and notification could delay implementation of the fix. Data owners would be notified only if the vulnerability could have compromised data. The development team may be called upon by the system owner to resolve the vulnerability.