Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

  • assess
  • discover
  • verify
  • prioritize assets
    Answers Explanation & Hints:

    The steps in the Vulnerability Management Life Cycle include these:

    • Discover – inventory all assets across the network and identify host details, including operating systems and open services, to identify vulnerabilities
    • Prioritize assets – categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to business operations
    • Assess – determine a baseline risk profile to eliminate risks based on asset criticality, vulnerability threats, and asset classification
    • Report – measure the level of business risk associated with assets according to security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities.
    • Remediate – prioritize according to business risk and fix vulnerabilities in order of risk
    • Verify – verify that threats have been eliminated through follow-up audits