CompTIA Security+ SY0-701 Practice Question
During a quarterly review, the Chief Information Security Officer (CISO) requests a report that focuses on the effective remediation of identified vulnerabilities. Considering industry best practices, which of the following sections should be INCLUDED in the report to BEST aid the CISO in evaluating the remediation efforts?
A comparison with industry benchmarks for the number of vulnerability occurrences
A segment outlining when each vulnerability was first detected
A section detailing the mean time to remediate (MTTR) vulnerabilities
A forecast on potential future vulnerabilities based on current trends