PECB ISO-IEC-27035-Lead-Incident-Manager Exam - Topic 1 Question 9 Discussion

Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam

Question #: 9
Topic #: 1

[All ISO-IEC-27035-Lead-Incident-Manager Questions]

How should vulnerabilities lacking corresponding threats be handled?

AThey still require controls and should be promptly addressed

BThey should be disregarded as they pose no risk

CThey may not require controls but should be analyzed and monitored for changes

Show Suggested Answer

Suggested Answer: C

by Shawn at Apr 12, 2026, 11:09 AM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27035-Lead-Incident-Manager Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Sherill

2 days ago

I’m not entirely sure, but I feel like we discussed that even if there’s no immediate threat, we shouldn’t just ignore vulnerabilities. Could it be A?

upvoted 0 times

...

Cassi

7 days ago

I think I remember that vulnerabilities without threats still need some level of monitoring, so maybe option C is the right choice?

upvoted 0 times

...