Question
After finding some of the company's confidential data on the internet, a software team is drafting a policy on vulnerability response and remediation. What remediation practice refers to measures put in place to mitigate the risk of a vulnerability when the team cannot directly eliminate it?
Answers
GPT-4o mini
The remediation practice that refers to measures put in place to mitigate the risk of a vulnerability when it cannot be directly eliminated is known as **"compensating controls."** Compensating controls are alternative measures that are implemented to reduce the risk or impact of a vulnerability when traditional remediation techniques, such as patching or removing the vulnerability, are not feasible or immediate. These controls can include enhanced monitoring, access controls, increased security awareness, or other protective measures that help minimize exposure until a permanent solution can be achieved.