An organization is reviewing their incident response plan in light of new threats detailed in a recent security bulletin. When prioritizing actions, which of the following is the BEST immediate step for the organization to take to prevent a breach?
Update the organization's security documentation to reflect the newly identified threats.
Immediately revise their incident response plan to include the new threats.
Assess and apply necessary patches or updates for documented vulnerabilities.
Monitor network traffic for indicators of compromise associated with the published threats.
When responding to new threats identified in security bulletins, it's crucial to first assess and apply appropriate patches or updates provided for known vulnerabilities. While monitoring for indicators of compromise is important, it does not prevent an attack, and updating documentation or revising response plans can be performed subsequently.