CompTIA PenTest+ (PT0-001) — Question 169

A company decides to remediate issues identified from a third-party penetration test done to its infrastructure. Management should instruct the IT team to:

Answer options

• A. execute the hot fixes immediately to all vulnerabilities found.
• B. execute the hot fixes immediately to some vulnerabilities.
• C. execute the hot fixes during the routine quarterly patching.
• D. evaluate the vulnerabilities found and execute the hot fixes.

Correct answer: D

Explanation

Option D is correct because it emphasizes the importance of evaluating vulnerabilities before taking action, ensuring that the most critical issues are addressed appropriately. Options A and B suggest immediate fixes without assessment, which could lead to overlooking the severity of certain vulnerabilities. Option C delays the response to vulnerabilities by waiting for the next scheduled patching, which may not be timely enough to protect the infrastructure.