An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available.
What should the auditor recommend be done FIRST?
A . Implement a new system that can be patched.
B. Implement additional firewalls to protect the system.
C. Decommission the server.
D. Evaluate the associated risk.
Answer: D
Latest CISA Dumps Valid Version with 2694 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund