A Nessus scan reveals a critical SSH vulnerability (CVSS 9.0) allowing potential remote code execution on a Linux server. What action should be immediately prioritized?
A.
Redirect SSH traffic to another server
B.
Treat the finding as a possible false positive
C.
Immediately apply vendor patches and reboot during scheduled downtime
D.
Temporarily isolate the affected server, conduct a forensic audit, and then patch
According to the CEH Vulnerability Assessment and Incident Response modules, vulnerabilities with high CVSS scores and potential RCE must be treated as active threats.
CEH best practices recommend:
Immediate containment (network isolation)
Investigation and impact analysis
Patch application
Recovery
Option D follows the CEH incident response lifecycle precisely.
Option C is incomplete without containment.
Options A and B are unsafe.
CEH emphasizes containment before remediation.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit