nerdexam
EC-Council

312-50V13 · Question #210

David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its

The correct answer is D. Remediation. Remediation is the correct answer because this phase specifically involves applying fixes, patches, and corrective actions to vulnerable systems in order to reduce or eliminate the impact of identified vulnerabilities - which is exactly what David is doing. Why the other options

Submitted by joshua94· Mar 6, 2026Vulnerability Analysis

Question

David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable systems to reduce the impact and severity of vulnerabilities. Which phase of the vulnerability-management life cycle is David currently in?

Options

  • Averification
  • BRisk assessment
  • CVulnerability scan
  • DRemediation

How the community answered

(33 responses)
  • B
    3% (1)
  • C
    3% (1)
  • D
    94% (31)

Explanation

Remediation is the correct answer because this phase specifically involves applying fixes, patches, and corrective actions to vulnerable systems in order to reduce or eliminate the impact of identified vulnerabilities - which is exactly what David is doing.

Why the other options are wrong:

  • Verification (A) comes after remediation and involves confirming that the applied fixes have successfully resolved the vulnerabilities.
  • Risk Assessment (B) is an earlier phase focused on evaluating and prioritizing vulnerabilities based on their potential impact, not fixing them.
  • Vulnerability Scan (C) is the phase where tools are used to discover and identify vulnerabilities in the system, which happens before any fixes are applied.

Memory Tip: Think of the vulnerability management life cycle in logical order - Scan → Assess → Remediate → Verify. "Remediate" sounds like "remedy," meaning to cure or fix a problem. Whenever a question mentions applying patches or fixes, that's your trigger word for Remediation.

Topics

#Vulnerability Management#Remediation#Vulnerability Life Cycle#Security Operations

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice