5 votes
A new system administrator has been working all morning typing in new vulnerability signatures to ensure the vulnerability scanner is current. The admin is utilizing common vulnerabilities and exposures (CVE) to obtain the information and the common vulnerability scoring system (CVSS) to find the fix. What should the new system admin have done? (Select the three best options.)

1 Answer

4 votes

Final answer:

The system administrator should have automated the update process, validated the vulnerability signatures, and prioritized vulnerabilities based on CVSS scores to maintain an effective vulnerability management system.

Step-by-step explanation:

The new system administrator, when working to ensure the vulnerability scanner is current using Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS), should have followed some best practices. Here are the three main steps they should have taken:

  • Automated the update process: The admin should use tools or scripts that automatically integrate the latest CVE data into the vulnerability scanner. Manual entry is prone to errors and inefficiencies.
  • Validated the signatures: After inputting new signatures, it’s important to validate them to ensure they are correctly identifying vulnerabilities without producing false positives or negatives.
  • Prioritized vulnerabilities based on CVSS scores: Vulnerabilities need to be prioritized so the most critical ones are addressed first. CVSS helps in determining the severity of the vulnerabilities.

These steps would help the system administrator maintain an effective and efficient vulnerability management process.

by User Ankakusu (8.0k points)
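
The three steps in the answer above, sketched as an added example that is not part of the original answer: it loads a feed instead of relying on hand-typed entries, rejects malformed records before they reach the scanner, and orders the rest by CVSS base score. The feed layout, field names and CVE IDs are constructed placeholders, and the validation covers record well-formedness only, not whether a signature detects accurately.

```python
import json
import re

# Constructed sample feed: placeholder IDs, simplified layout (not the NVD schema).
SAMPLE_FEED = json.dumps([
    {"id": "CVE-2099-0001", "cvss": 9.8, "product": "exampled"},
    {"id": "CVE-2099-0002", "cvss": 5.3, "product": "examplelib"},
    {"id": "CVE-2099-0003", "cvss": 7.5, "product": "exampled"},
    {"id": "CVE-2099-003", "cvss": 8.1, "product": "typo-in-id"},    # too few digits
    {"id": "CVE-2099-0004", "cvss": 11.0, "product": "bad-score"},   # out of range
    {"id": "CVE-2099-0001", "cvss": 9.8, "product": "exampled"},     # duplicate
])

CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")
# CVSS v3.x qualitative severity bands, as (lowest score, rating).
BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")]

def severity(score):
    """Return the CVSS v3.x severity rating for a base score."""
    return next((name for floor, name in BANDS if score >= floor), "None")

def validate(records):
    """Split records into accepted entries and (record, reason) rejections."""
    accepted, rejected, seen = [], [], set()
    for rec in records:
        cve_id, score = rec.get("id"), rec.get("cvss")
        if not isinstance(cve_id, str) or not CVE_ID.fullmatch(cve_id):
            rejected.append((rec, "malformed CVE ID"))
        elif type(score) not in (int, float) or not 0.0 <= score <= 10.0:
            rejected.append((rec, "CVSS score outside 0.0-10.0"))
        elif cve_id in seen:
            rejected.append((rec, "duplicate entry"))
        else:
            seen.add(cve_id)
            accepted.append(rec)
    return accepted, rejected

def prioritize(feed_text):
    """Load a feed, validate it, and return accepted entries, highest score first."""
    accepted, rejected = validate(json.loads(feed_text))
    ranked = sorted(accepted, key=lambda r: r["cvss"], reverse=True)
    return [(r["id"], r["cvss"], severity(r["cvss"])) for r in ranked], rejected

if __name__ == "__main__":
    queue, rejected = prioritize(SAMPLE_FEED)
    for row in queue:
        print(*row)
    for rec, reason in rejected:
        print("rejected:", rec.get("id"), "-", reason)
```

Rejected records are returned with a reason rather than silently dropped, so a bad feed entry shows up for review instead of leaving a gap in scanner coverage.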