What are the steps related to the vulnerability management program?

What are the steps related to the vulnerability management program?
Each correct answer represents a complete solution. Choose all that apply.

What are the steps related to the vulnerability management program?
Each correct answer represents a complete solution. Choose all that apply.

A.
Maintain and Monitor

B.
Organization Vulnerability

C.
Define Policy

D.
Baseline the Environment

Explanation:
While program definitions vary in the industry, Gartner, a prominent IT Analyst company, defines six
steps for vulnerability management programs.
Define Policy: Organizations must start out by determining what the desired security state for their
environment is. This includes determining desired device and service configurations and access
control rules for users accessing resources.
Baseline the Environment: Once a policy has been defined, the organization must assess the true
security state of the environment and determine where instances of policy violations are occurring.
Prioritize Vulnerabilities: Instances of policy violations are Vulnerability (computing). These
vulnerabilities are then prioritized using risk and effort-based criteria. Shield – In the short term, the
organization can take steps to minimize the damage that could be caused by the vulnerability by
creating compensating controls.
Mitigate Vulnerabilities: Ultimately, the root causes of vulnerabilities must be addressed. This is
often done via patching vulnerable services, changing vulnerable configurations or making
application updates to remove vulnerable code.



Leave a Reply 0

Your email address will not be published. Required fields are marked *