A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following if the
MOST likely explanation for this?
A.
The administrator entered the wrong IP range for the assessment.
B.
The administrator did not wait long enough after applying the patch to run the assessment.
C.
The patch did not remediate the vulnerability.
D.
The vulnerability assessment returned false positives.
Explanation: