Isaca CRISC Exam - Topic 1 Question 36 Discussion

Actual exam question for Isaca's CRISC exam
Question #: 36
Topic #: 1

Which of the following would BEST mitigate the ongoing risk associated with operating system (OS) vulnerabilities?

Suggested Answer: C

Contribute your Thoughts:

Tamar
4 months ago
Yeah, B is the best choice for long-term security!
upvoted 0 times
...
Gerald
4 months ago
Surprised that people think D is enough, we need more than just identification!
upvoted 0 times
...
Daniela
4 months ago
A seems risky, just temporary fixes won't cut it.
upvoted 0 times
...
Jonell
4 months ago
I think C is better, permanent fixes are the way to go.
upvoted 0 times
...
Luisa
5 months ago
Definitely B, a solid patching process is key!
upvoted 0 times
...
Boris
5 months ago
I'm a bit confused; I feel like all options could help, but I think temporarily mitigating vulnerabilities isn't a long-term solution.
upvoted 0 times
...
Jina
5 months ago
I practiced a similar question where documenting a patching process was highlighted as essential, so I might lean towards that.
upvoted 0 times
...
Emogene
5 months ago
I think evaluating permanent fixes like patches and upgrades is crucial, but I wonder if just identifying vulnerabilities is enough.
upvoted 0 times
...
Deandrea
5 months ago
I remember we discussed the importance of having a solid patching process, but I'm not sure if that's the best answer here.
upvoted 0 times
...
Ezekiel
5 months ago
Hmm, I'm not sure if that's the right answer. Maybe I should consider the other options as well before making a decision.
upvoted 0 times
...
Annice
5 months ago
I think the key is to get to the root cause of the problem. The audit identified that the bank was failing to verify if securities were lost or stolen, so I'd focus on reviewing those policies and procedures first before doing anything else.
upvoted 0 times
...
Chauncey
5 months ago
Hmm, I'm not totally sure about this one. I know BootP and RARP are both related to network booting, but I'm not confident which one is the right answer here.
upvoted 0 times
...
Gabriele
5 months ago
This is a good one to test our understanding of valuation. I'll need to be really careful with the assumptions and calculations to get the right answer.
upvoted 0 times
...
Melissa
5 months ago
Hmm, I'm a bit confused on the specifics here. Does the fact that the companies are "blacklisted" mean they are part of an international boycott? I'll have to think this through step-by-step.
upvoted 0 times
...
Almeta
5 months ago
Okay, the key here is to find files owned by root with the SUID bit set in the /usr directory. I think option A is the way to go.
upvoted 0 times
...
Valda
5 months ago
Okay, let me think this through. Disparate treatment is when an employer treats someone differently based on a protected characteristic, so I'm going to go with option C.
upvoted 0 times
...
