The correct answer is Coordinate with the system owner and the security team to reassess the heightened risk and determine appropriate mitigations.

Coordinate with the system owner and the security team to reassess the heightened risk and determine appropriate mitigations is correct because the authorizing official must respond to changed threat intelligence by re-evaluating the risk decision. The AO needs to engage the system owner and security staff to determine whether the residual risk remains acceptable and to identify appropriate mitigations or changes to the authorization.

This coordinated reassessment ensures that any technical testing, interim measures, or updates to the security documentation are based on a documented risk decision and aligned with continuous monitoring processes.

Request a focused update to the security control assessment that targets the specific vulnerability is not the best immediate answer because a focused assessment may be part of the response but it should follow a coordinated risk reassessment. The AO must first work with stakeholders to decide if the assessment is needed and what scope it should cover.

Defer any changes until the next scheduled security control assessment is incorrect because delaying action ignores an increased exploitation likelihood and may leave the system exposed. The AO must act when new intelligence materially changes risk rather than waiting for routine cycles.

Apply temporary compensating controls such as stricter access rules and increased monitoring while the situation is analyzed is not the best single choice because temporary controls might be appropriate but they should be implemented as part of the coordinated reassessment. The AO should oversee and document the decision rather than assume specific technical measures without stakeholder agreement.

Full AWS Practitioner Certification Question