Notifications
Clear all
Topic starter
03/06/2022 10:31 pm
A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:
Which of the following MOST appropriate corrective action to document for this finding?
- A . The product owner should perform a business impact assessment regarding the ability to implement a WA
- C . The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.
- D . The system administrator should evaluate dependencies and perform upgrade as necessary.
- E . The security operations center should develop a custom IDS rule to prevent attacks
buffer overflows against this server.
Suggested Answer: A