Chapter 86 · Quiz

Vulnerability Remediation — Quiz

Six multiple-choice questions and four matching questions. Submit for instant scoring and explanations.

Question 1 of 6
A software vendor releases an emergency patch for a zero-day vulnerability that is actively being exploited in the wild. How does this differ from a scheduled patch, and what does it require from the organization?
Question 2 of 6
An organization's cybersecurity insurance policy is invoked after a ransomware attack. The insurer denies a portion of the claim because the IT manager intentionally disabled the backup system two weeks before the attack to free up storage space. Which insurance principle does this denial reflect?
Question 3 of 6
A network administrator configures two VLANs on a single switch: VLAN 10 for the finance department and VLAN 20 for the HR department. A finance workstation needs to retrieve a report from an HR file server. What is required for this communication to succeed?
Question 4 of 6
A security team discovers a High-severity vulnerability in a critical manufacturing control system. The vendor has not released a patch, and applying any software change requires a full production shutdown. The system cannot be taken offline for weeks. Which approach best describes the appropriate immediate response?
Question 5 of 6
After deploying a patch to 500 servers, the patch management platform reports a 99% success rate (495 of 500). The security team plans to mark the remediation complete. What validation step should be performed before closing the ticket, and why?
Question 6 of 6
A security committee reviews a vulnerability that can only be exploited by someone with physical access to the server console in a locked, badge-access data center. The patch conflicts with a critical application that cannot be updated for 12 months. The committee documents the risk and formally approves deferring remediation. This is an example of:

Matching

Match each description to the correct remediation strategy.

1. Installing a vendor-released software update to remove the vulnerability from the system
2. Dividing the network into isolated zones so that exploitation of one system cannot freely reach the rest
3. Disabling a vulnerable service or restricting access to it as a temporary measure until the patch can be deployed
4. A formally approved committee decision to leave a vulnerability unremediated because patching is not currently feasible
A. Patching
B. Segmentation
C. Compensating controls
D. Exception / Exemption