312-50V13 · Question #406
Given below are different steps involved in the vulnerability-management life cycle. 1) Remediation 2) Identify assets and create a baseline 3) Verification 4) Monitor 5) Vulnerability scan 6) Risk as
The correct answer is A. 2-->5-->6-->1-->3-->4. The correct sequence for the vulnerability management lifecycle starts with identifying assets, followed by scanning, assessing risks, remediating, verifying fixes, and continuously monitoring.
Question
Options
- A2-->5-->6-->1-->3-->4
- B2-->1-->5-->6-->4-->3
- C2-->4-->5-->3-->6--> 1
- D1-->2-->3-->4-->5-->6
How the community answered
(41 responses)- A80% (33)
- B12% (5)
- C5% (2)
- D2% (1)
Why each option
The correct sequence for the vulnerability management lifecycle starts with identifying assets, followed by scanning, assessing risks, remediating, verifying fixes, and continuously monitoring.
The vulnerability management lifecycle logically begins with identifying and baselining assets (2) to know what needs protection. Then, a vulnerability scan (5) discovers weaknesses, followed by a risk assessment (6) to prioritize them. Remediation (1) addresses the identified vulnerabilities, which then require verification (3) to ensure fixes are effective, and finally continuous monitoring (4) to detect new threats and vulnerabilities.
This sequence places remediation before scanning and risk assessment, which is illogical as you must identify and prioritize vulnerabilities before fixing them.
This sequence places monitoring and verification incorrectly, as monitoring should be continuous and verification occurs after remediation.
This sequence starts with remediation and follows an incorrect order, not aligning with standard vulnerability management practices.
Concept tested: Vulnerability management lifecycle
Source: https://docs.microsoft.com/en-us/azure/security-center/security-center-vulnerability-management-recommendations
Topics
Community Discussion
No community discussion yet for this question.