Which vulnerability catalog creates a list of publicly known vulnerabilities, each assigned an ID number, description, and reference?
- CVE
- CVSS
- OWASP WSTG
- NIST SP 800-115
Explanation: Vulnerability scanners rely heavily on catalogs of known vulnerabilities. The two catalogs of known vulnerabilities that a cybersecurity analyst should be familiar with are Common Vulnerabilities and Exposures (CVE), which is a list of publicly known vulnerabilities, each assigned an ID number, description, and reference, and Common Vulnerability Scoring System (CVSS), which provides a score from 0 to 10 that indicates the severity of a vulnerability. OWASP WSTG is a comprehensive guide focused on web application testing. NIST SP 800-115 is a document to provide organizations with guidelines on planning and conducting information security testing.
Exam with this question: 9.5.3 Quiz - Reporting and Communication Answers
Please login or Register to submit your answer