The answer is correct because during the validation process, manual verification or additional testing is usually needed to ascertain the accuracy of the vulnerability findings. Vulnerability scanners can sometimes generate false positives, where the vulnerability does not actually exist, or false negatives, where an existing vulnerability is not reported. Manual verification helps in confirming the true positives, reducing the risk of overlooking real threats or wasting resources on nonexistent issues.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are false positives and false negatives in vulnerability scanning?
Open an interactive chat with Bash
How do vulnerability scanners work?
Open an interactive chat with Bash
Why is manual verification necessary in the vulnerability assessment process?