A serious vulnerability is reported in the firewall software used by an organization. Which of the
following should be the immediate action of the information security manager?
A.
Ensure that all OS patches are up-to-date
B.
Block inbound traffic until a suitable solution is found
C.
Obtain guidance from the firewall manufacturer
D.
Commission a penetration test
Explanation:
The best source of information is the firewall manufacturer since the manufacturer may have a
patch to fix the vulnerability or a workaround solution. Ensuring dial all OS patches are up-to-date
is a best practice, in general, but will not necessarily address the reported vulnerability. Blocking
inbound traffic may not be practical or effective from a business perspective. Commissioning a
penetration test will take too much time and will not necessarily provide a solution for corrective
actions.