Question

A medium-sized paper supply firm's web application allows customers to schedule appointments with their paper sales associate. Unfortunately, the application runs on outdated software and represents a security risk containing a remote code execution vulnerability.

However, because the software is needed for the company to function, they decide to implement an application-layer firewall to control incoming requests to the application.

What kind of risk response does this represent?

Answer choices:

- Mitigation
- Acceptance
- Avoidance
- Transference

Answers

GPT-4o mini
The correct answer is **Mitigation**.

By implementing an application-layer firewall to control incoming requests, the medium-sized paper supply firm is taking steps to reduce the potential impact or likelihood of the security risk associated with the outdated software and its vulnerability. This action does not eliminate the risk completely, but it helps to manage and reduce it, which is characteristic of a mitigation strategy.