Cisco

350-201 Question #110: Real Exam Question with Answer & Explanation

The correct answer is C: Remediate all vulnerabilities with descending CVSS score order. When multiple vulnerabilities are detected, they should be remediated in order of descending CVSS score to address the most critical risks first.

Question

Refer to the exhibit. Based on the detected vulnerabilities, what is the next recommended mitigation step?

Exhibit

350-201 question #110 exhibit

Options

  • A. Evaluate service disruption and associated risk before prioritizing patches.
  • B. Perform root cause analysis for all detected vulnerabilities.
  • C. Remediate all vulnerabilities with descending CVSS score order.
  • D. Temporarily shut down unnecessary services until patch deployment ends.

Explanation

When multiple vulnerabilities are detected, they should be remediated in order of descending CVSS score to address the most critical risks first.

Common mistakes.

  • A. Evaluating service disruption before prioritizing is a secondary consideration - CVSS scores already factor in exploitability and impact, providing a ready-made prioritization framework that should be applied directly.
  • B. Root cause analysis is a post-incident or post-remediation activity and is not the immediate mitigation step when vulnerabilities have been detected and need to be addressed.
  • D. Temporarily shutting down services causes unnecessary business disruption and is not the recommended standard approach for patch deployment prioritization when CVSS scoring already guides sequencing.

Concept tested. Vulnerability prioritization using CVSS scoring

Reference. https://www.first.org/cvss/
