Vulnerability Management — CompTIA Security+ (SY0-701) Practice Questions
Vulnerability management is the continuous process of identifying, classifying, prioritizing, remediating, and verifying security weaknesses across an organization's assets. SY0-701 covers the full lifecycle, including asset discovery, vulnerability scanning with tools like Nessus or OpenVAS, CVSS scoring for prioritization, and the difference between authenticated and unauthenticated scans. Candidates must understand remediation options such as patching, configuration changes, and acceptance of risk, as well as how scan results feed into risk management decisions. This topic connects directly to patch management, threat intelligence, and compliance objectives on the exam.
Free questions on vulnerability management
Which of the following best describes a zero-day vulnerability?
More vulnerability management questions in the full bank
- An IoT device manufacturer fails to provide security updates for their devices. What is the GREATEST risk?
- What is the primary goal of vulnerability management?
- What is the primary benefit of image scanning in containerization security?