CISA Certified Information Systems Auditor – Question1190

A validated patch to address a new vulnerability that may affect a mission-critical server has been released. What should be done immediately?

A.
Add mitigating controls.
B. Check the server’s security and install the patch.
C. Conduct an impact analysis.
D. Take the server off-line and install the patch.

Correct Answer: C