What is the purpose of performing validation after a vulnerability scanning tool reports potential vulnerabilities?
To patch all the reported vulnerabilities immediately without further analysis
To assess the impact of potential vulnerabilities on the confidentiality, integrity, and availability (CIA) of the system
To calculate the risk score of the vulnerabilities using the Common Vulnerability Scoring System (CVSS)
To distinguish between false positives and true positives and confirm that the vulnerabilities are genuine