A monthly scan finds a critical remote-code-execution vulnerability on an internet-facing VPN appliance. The vendor has not released a patch for six weeks, but the service must stay online. Which short-term action is the best risk treatment?

Accept the risk and wait for the next scheduled scan cycle.

Waiting does not reduce exposure, and the appliance remains directly reachable from the internet.

Disable all logging so the appliance performs better under load.

Removing logs makes detection and investigation harder and offers no real security benefit.

Ignore the issue until the vendor confirms the vulnerability is being actively exploited.

Active exploitation is not required before mitigation; critical internet-facing issues should be addressed sooner.

What does this SY0-701 question test?

Static NAT maps one inside address to one outside address.

What is the correct answer to this question?

The correct answer is: Apply compensating controls such as strict access filtering, MFA, enhanced logging, and alerting. — Because no patch is available and the service must remain online, compensating controls are the best risk treatment. Limiting source access, enforcing MFA, and increasing monitoring reduce the chance of successful exploitation and improve the ability to detect abuse quickly. This approach is consistent with practical vulnerability management when immediate remediation is not possible. It lowers risk without taking the service offline. Why others are wrong: A leaves the organization exposed to a critical internet-facing weakness. C removes visibility and makes response harder. D is reactive and unsafe because waiting for exploitation defeats the purpose of vulnerability management. The right response is to reduce risk now while tracking the issue for permanent remediation.

What should I do if I get this SY0-701 question wrong?

Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.