CISM Certified Information Security Manager – Question1387 - CISM Certified Information Security Manager

A serious vulnerability is reported in the firewall software used by an organization. Which of the following should be the immediate action of the information security manager?

A. Ensure that all OS patches are up-to-date
B. Block inbound traffic until a suitable solution is found
C. Obtain guidance from the firewall manufacturer
D. Commission a penetration test

Correct Answer: C

Explanation:

Explanation:
The best source of information is the firewall manufacturer since the manufacturer may have a patch to fix the vulnerability or a workaround solution. Ensuring dial all OS patches are up-to-date is a best practice, in general, but will not necessarily address the reported vulnerability. Blocking inbound traffic may not be practical or effective from a business perspective. Commissioning a penetration test will take too much time and will not necessarily provide a solution for corrective actions.