CompTIA Security+ (SY0-601) — Question 457
Which of the following methods is the most effective for reducing vulnerabilities?
Answer options
- A. Joining an information-sharing organization
- B. Using a scan-patch-scan process
- C. Implementing a bug bounty program
- D. Patching low-scoring vulnerabilities first
Correct answer: B
Explanation
The scan-patch-scan process is the most effective because it is a closed loop: the first scan identifies vulnerabilities, patching addresses them, and the second scan re-verifies that the patches were effective. The other options, while beneficial, do not provide the same level of systematic assurance that vulnerabilities have been properly mitigated.