Your organization is reviewing its vulnerability management process and requires a method to routinely identify new and unaddressed vulnerabilities on its network devices, servers, and workstations. Which of the following is the BEST method to accomplish this?
Subscribing to threat feeds that include intelligence on the latest security risks
Implementing an enterprise-level firewall with advanced threat detection capabilities
Regular vulnerability scanning is the best method for routinely identifying new and unaddressed vulnerabilities on network devices, servers, and workstations. Automated scans continuously detect security weaknesses so they can be remediated before attackers exploit them. Penetration testing can reveal vulnerabilities but is usually performed only periodically because it is labor-intensive and costly. External threat-intelligence feeds supply indicators of compromise but do not examine internal assets. Firewalls focus on filtering traffic and preventing unauthorized access rather than enumerating software flaws on hosts.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is vulnerability scanning?
Open an interactive chat with Bash
How is penetration testing different from vulnerability scanning?
Open an interactive chat with Bash
Why are threat feeds not sufficient for vulnerability management?