CompTIA Security+ (SY0-601) — Question 853

A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better:

Answer options

• A. validate the vulnerability exists in the organization's network through penetration testing.
• B. research the appropriate mitigation techniques in a vulnerability database.
• C. find the software patches that are required to mitigate a vulnerability.
• D. prioritize remediation of vulnerabilities based on the possible impact.

Correct answer: D

Explanation

The correct answer is D because the CVSS score provides a standardized way to measure the severity of vulnerabilities, allowing organizations to prioritize remediation efforts based on potential impact. Options A, B, and C do not directly relate to the prioritization of remediation, which is the primary benefit of having the CVSS score.