When a penetration test identifies a vulnerability, how should the vulnerability be further verified?
- determine if the vulnerability is exploitable
- prioritize the vulnerability severity
- assess the business risk associated with the vulnerability
- mitigate the vulnerability
Explanation: If a detected vulnerability can be exploited, it is verified as valid. The vulnerability should then be prioritized, mitigated, and risk assessed.
Exam with this question: 3.5.3 Quiz - Information Gathering and Vulnerability Scanning Answers
Please login or Register to submit your answer