What is the purpose of performing validation after a vulnerability scanning tool reports potential vulnerabilities?
To distinguish between false positives and true positives and confirm that the vulnerabilities are genuine
To calculate the risk score of the vulnerabilities using the Common Vulnerability Scoring System (CVSS)
To assess the impact of potential vulnerabilities on the confidentiality, integrity, and availability (CIA) of the system
To patch all the reported vulnerabilities immediately without further analysis
|Incident Response and Management
|Reporting and Communication