Certified Ethical Hacker (CEH v13) — Question 257

David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable systems to reduce the impact and severity of vulnerabilities. Which phase of the vulnerability-management life cycle is David currently in?

Answer options

• A. Remediation
• B. Verification
• C. Risk assessment
• D. Vulnerability scan

Correct answer: A

Explanation

David is in the Remediation phase, where he applies fixes to vulnerable systems to mitigate risks. The Verification phase involves confirming that vulnerabilities are resolved, while Risk assessment focuses on identifying and evaluating risks, and Vulnerability scan refers to the process of detecting vulnerabilities.