A security administrator has deployed vendor patches to a group of web servers after a critical vulnerability was discovered. According to the vulnerability-management process, which of the following activities should be performed next to confirm that the servers are no longer susceptible to the original flaw?
Assign new Common Vulnerability Enumeration (CVE) identifiers.
Perform a vulnerability rescan of the patched servers.
Calculate the exposure factor to determine business impact.
Document an exception for systems that could not be patched.
Performing a vulnerability rescan immediately after patch deployment verifies that the patch was installed correctly and that the previously detected vulnerability is no longer present. This validation step helps identify any systems where the patch failed and ensures that no new issues were introduced. The other choices (calculating exposure factor, assigning new CVE identifiers, or documenting an exception) do not test whether the vulnerability has truly been mitigated.