During a routine scan, multiple potential issues were flagged. Which approach best aligns with the evaluation stage in vulnerability management, where discovered weaknesses are analyzed for severity and impact on operations? Select the BEST answer.
Keep weaknesses in an archived list until the next scheduled repair window
Patch critical components and omit other components from further inspection
Scrutinize discovered weaknesses to determine risk levels, then prioritize efforts based on potential harm
Ignore low-level weaknesses and address issues reported by users
Evaluating vulnerabilities means performing a risk-based analysis of every finding. By rating the likelihood of exploitation and the business impact, the security team creates an ordered list that drives subsequent remediation. Skipping or archiving findings, or patching blindly without analysis, fails to generate an objective basis for action and can leave high-risk flaws exposed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the evaluation stage in vulnerability management?
Open an interactive chat with Bash
How are risk levels determined during vulnerability evaluation?
Open an interactive chat with Bash
Why is prioritization essential in vulnerability management?