A security administrator has deployed vendor patches to a group of web servers after a critical vulnerability was discovered. According to the vulnerability-management process, which of the following activities should be performed next to confirm that the servers are no longer susceptible to the original flaw?
Assign new Common Vulnerability Enumeration (CVE) identifiers.
Perform a vulnerability rescan of the patched servers.
Document an exception for systems that could not be patched.
Calculate the exposure factor to determine business impact.
Performing a vulnerability rescan immediately after patch deployment verifies that the patch was installed correctly and that the previously detected vulnerability is no longer present. This validation step helps identify any systems where the patch failed and ensures that no new issues were introduced. The other choices (calculating exposure factor, assigning new CVE identifiers, or documenting an exception) do not test whether the vulnerability has truly been mitigated.