nerdexam
CompTIA

CV0-003 · Question #525

Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently?

The correct answer is D. Having a detailed incident response plan. Zero-day vulnerabilities have no available patch, so a detailed incident response plan is the most efficient mitigation because it enables rapid containment and recovery when exploitation occurs.

Security

Question

Which of the following strategies will mitigate the risk of a zero-day vulnerability MOST efficiently?

Options

  • AUsing only open-source technologies
  • BKeeping all resources up to date
  • CCreating a standby environment with a different cloud provider
  • DHaving a detailed incident response plan

How the community answered

(13 responses)
  • A
    8% (1)
  • C
    8% (1)
  • D
    85% (11)

Why each option

Zero-day vulnerabilities have no available patch, so a detailed incident response plan is the most efficient mitigation because it enables rapid containment and recovery when exploitation occurs.

AUsing only open-source technologies

Using open-source technologies does not reduce zero-day exposure, as open-source software is equally susceptible to unknown vulnerabilities and may have fewer dedicated security researchers monitoring it.

BKeeping all resources up to date

Keeping resources up to date patches known, disclosed vulnerabilities - but zero-day vulnerabilities have no available patch yet, so updates cannot address them.

CCreating a standby environment with a different cloud provider

A standby environment with a different cloud provider provides redundancy and disaster recovery, but does not prevent or mitigate the exploitation of a zero-day vulnerability.

DHaving a detailed incident response planCorrect

A zero-day vulnerability is by definition unknown to the vendor and has no patch available, which makes any patch-based or update-based defense ineffective before disclosure. A detailed incident response plan prepares the organization to quickly detect, isolate, and remediate exploitation as soon as a zero-day is identified, minimizing damage and recovery time. This is the most efficient mitigation strategy because it addresses the reality that the threat cannot be eliminated before it is discovered.

Concept tested: Zero-day vulnerability incident response strategy

Source: https://www.cisa.gov/resources-tools/resources/federal-government-cybersecurity-incident-and-vulnerability-response-playbooks

Topics

#zero-day vulnerability#incident response#risk mitigation#security strategy

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice