Certified Chief Information Security Officer (CCISO) — Question 82

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

Answer options

• A. Install software patch, configuration adjustment, software removal
• B. Install software patch, operate system, maintain system
• C. Discover software, remove affected software, apply software patch
• D. Software removal, install software patch, maintain system

Correct answer: A

Explanation

The correct answer, A, includes installing a software patch, making configuration adjustments, and removing software as primary methods for remediation. Options B and D include 'maintain system,' which is not a direct remediation method, while option C lacks critical adjustments and focuses incorrectly on discovering software rather than remediating vulnerabilities.