When a penetration test identifies a vulnerability, how should the vulnerability be further verified?
- determine if the vulnerability is exploitable
- prioritize the vulnerability severity
- assess the business risk associated with the vulnerability
- mitigate the vulnerability
|
Explanation & Hint: If a detected vulnerability can be exploited, it is verified as valid. The vulnerability should then be prioritized, mitigated, and risk assessed.
|