Which of the following actions should the company lake to most likely improve the vulnerability management process?

A company is having issues with its vulnerability management program New devices/lPs are added and dropped regularly, making the vulnerability report inconsistent.

Which of the following actions should the company lake to most likely improve the vulnerability management process?
A . Request a weekly report with all new assets deployed and decommissioned
B . Extend the DHCP lease lime to allow the devices to remain with the same address for a longer period.
C . Implement a shadow IT detection process to avoid rogue devices on the network
D . Perform regular discovery scanning throughout the 11 landscape using the vulnerability management tool

View Answer

Answer: D

Explanation:

To improve the vulnerability management process in an environment where new devices/IPs are added and dropped regularly, the company should perform regular discovery scanning throughout the IT landscape using the vulnerability management tool.

Here’s why:

Accurate Asset Inventory: Regular discovery scans help maintain an up-to-date inventory of all assets, ensuring that the vulnerability management process includes all relevant devices and IPs.

Consistency in Reporting: By continuously discovering and scanning new and existing assets, the company can generate consistent and comprehensive vulnerability reports that reflect the current state of the network.

Proactive Management: Regular scans enable the organization to proactively identify and address vulnerabilities on new and existing assets, reducing the window of exposure to potential threats.

References:

CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-40: Guide to Enterprise Patch Management Technologies

CIS Controls: Control 1 – Inventory and Control of Hardware Assets