Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 17

An engineer received an alert of a zero-day vulnerability affecting desktop phones through which an attacker sends a crafted packet to a device, resets the credentials, makes the device unavailable, and allows a default administrator account login. Which step should an engineer take after receiving this alert?

Answer options

• A. Initiate a triage meeting to acknowledge the vulnerability and its potential impact
• B. Determine company usage of the affected products
• C. Search for a patch to install from the vendor
• D. Implement restrictions within the VoIP VLANS

Correct answer: C

Explanation

The correct answer is C because searching for a patch from the vendor is crucial in addressing the zero-day vulnerability before it can be exploited further. While options A and B are important for understanding the situation, they do not directly mitigate the vulnerability. Option D, while useful, does not address the root cause of the issue, which is the vulnerability itself.