Vulnerability Management — CompTIA PenTest+ (PT0-002) Practice Questions
Vulnerability management is the ongoing process of identifying, classifying, prioritizing, and remediating security vulnerabilities across an organization's systems and applications. PT0-002 positions penetration testing as one input into a broader vulnerability management program, and candidates must understand how to communicate findings using standardized severity scoring systems such as CVSS. The exam also covers how testers differentiate between vulnerabilities that are exploitable in context and those that are theoretical, a distinction that directly influences remediation prioritization recommendations.
Free questions on vulnerability management
An organization has contracted a penetration tester to assess their web application. The tester discovers an unpatched SQL injection vulnerability in the login form. What should the tester do FIRST?
Free question · easy · full answer + explanation
What does CVSS stand for?
Free question · easy · full answer + explanation
More vulnerability management questions in the full bank
- What is the importance of remediation recommendations in a penetration test report?
- What is a zero-day vulnerability?
- What is a zero-day vulnerability and why is it particularly dangerous?