A security analyst observes that a newly discovered vulnerability in a widely used library has no available patch from the vendor. The organization relies on this library in a customer-facing application. Which mitigation technique should be applied FIRST?

Question

Accepted Answer

B. Apply a compensating control such as a WAF rule or network segmentation while monitoring for vendor patch availability. When no vendor patch is available for a known vulnerability, compensating controls — such as Web Application Firewall (WAF) rules to block known exploit patterns, network segmentation to limit exposure, or enhanced monitoring — should be implemented immediately to reduce risk while awaiting the official patch. This aligns with the vulnerability management and mitigation techniques in the SY0-701 objectives.

A security analyst observes that a newly discovered vulnerability in a widely used library has no available patch from the vendor. The organization relies on this library in a customer-facing application. Which mitigation technique should be applied FIRST?

Related Questions

Discussion