CompTIA CySA+ CS0-003 Practice Question
You have conducted a vulnerability scan on the company's network and identified several critical vulnerabilities. Which action would accurately determine if these vulnerabilities are true positives?
Cross-reference the identified vulnerabilities with publicly available vulnerability databases.
Run a proof-of-concept exploit to see if the vulnerability can be actively exploited.
Wait for the next available security patch from the vendor for the identified vulnerabilities.
Reboot the affected systems and see if the vulnerability persists.