Certified Ethical Hacker (CEH v11) — Question 88
David is a security professional implementing a vulnerability management program in his organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently applying fixes to vulnerable systems to reduce the impact and severity of vulnerabilities.
Which phase of the vulnerability-management life cycle is David currently in?
Answer options
- A. Remediation
- B. Verification
- C. Risk assessment
- D. Vulnerability scan
Correct answer: A
Explanation
David is in the Remediation phase, which involves applying fixes to vulnerable systems to reduce risks. The Verification phase follows remediation and checks whether the fixes were successful. The Risk assessment phase is about identifying and analyzing vulnerabilities, and the Vulnerability scan phase involves discovering vulnerabilities before any remediation occurs.