CompTIA CySA+ CS0-003 Practice Question
During a routine vulnerability assessment, a cybersecurity analyst discovers a significant number of high-risk vulnerabilities on several critical systems. The analyst is tasked with creating a vulnerability management report for the IT management team. What key information should be included to ensure the team can prioritize and address these vulnerabilities effectively?
Action plans, Installation dates of affected systems, Names of users who reported the vulnerabilities
Vulnerabilities, Affected hosts, Risk score, Mitigation, Recurrence, Prioritization
Affiliated third-party vendors, Service-level agreements, Organizational governance, Degrading functionality
Metrics and KPIs, Trends of previous incidents, Mean time to respond on past vulnerabilities