In determining which security weaknesses to address first, reliance on a singular numerical severity rating should be the primary method in all situations.
False
True
Relying exclusively on a numerical severity rating such as that provided by a standardized scoring system is not sufficient in all situations. In practice, vulnerability prioritization should incorporate additional factors such as the particular context of the systems involved, the value or sensitivity of the data or services affected, the potential impact on the business, and the existence of real-world exploits. This makes the prioritization process more nuanced and contextual to the specific environment the cybersecurity analyst is protecting.
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Join premium for unlimited access and more features
All plans include the following perks.
Our pricing is simple. Full access to all certifications and exams, for one price.
As many practice tests for as many topics as you want.
Use study mode non-stop, no limits.
No annoying ads and popups. Study without distractions.
Track your scores over time in study mode and report cards.
See how you improve over time, and where you need to focus.
Access our store with even more discounts than before.
Unlimited access to all PBQs and be prepared for the real thing.
Create an account or sign in to access our study materials.