CompTIA CySA+ (CS0-001) — Question 236

A web developer wants to create a new web part within the company website that aggregates sales from individual team sites. A cybersecurity analyst wants to ensure security measurements are implemented during this process. Which of the following remediation actions should the analyst take to implement a vulnerability management process?

Answer options

• A. Personnel training
• B. Vulnerability scan
• C. Change management
• D. Sandboxing

Correct answer: C

Explanation

Change management is essential for implementing a vulnerability management process because it ensures that any changes made to the system are documented, reviewed, and approved, thus minimizing security risks. Personnel training, vulnerability scans, and sandboxing are important, but they do not specifically address the structured approach required for managing changes and vulnerabilities effectively.