A security analyst notices that a certain vulnerability keeps reappearing on the same set of systems despite repeated remediation efforts. What should be the analyst's primary focus in the vulnerability management report to address this issue?
Document mitigation efforts clearly.
Identify and address the root cause of the recurring vulnerability.
Consider escalating the issue to senior management.
Increase the frequency of vulnerability scans on the affected systems.
When a vulnerability keeps recurring, it is critical to investigate the underlying causes and include recommendations to prevent its recurrence in the report. The primary focus should be on identifying the root cause and implementing a permanent fix. Changes in configuration management might also be necessary to prevent reoccurrence. Other actions such as increasing scan frequencies, documenting efforts, and escalating to senior management can support the primary focus but should follow root cause analysis.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a root cause analysis?
Open an interactive chat with Bash
How does configuration management play a role in preventing recurring vulnerabilities?
Open an interactive chat with Bash
Why is increasing scan frequency not the best solution for recurring vulnerabilities?