Notifications
Clear all
Topic starter
08/09/2022 9:17 am
A security analyst is reviewing information regarding recent vulnerabilities.
Which of the following will the analyst MOST likely consult to validate which platforms have been affected?
- A . OSINT
- B . SIEM
- C . CVSS
- D . CVE
Suggested Answer: D
Explanation:
CVE entries are brief. They don’t include technical data, or information about risks, impacts, and fixes. Those details appear in other databases, including the U.S. National Vulnerability Database (NVD), the CERT/CC Vulnerability Notes Database, and various lists maintained by vendors and other organizations. Across these different systems, CVE IDs give users a reliable way to tell one unique security flaw from another.
Explanation:
CVE entries are brief. They don’t include technical data, or information about risks, impacts, and fixes. Those details appear in other databases, including the U.S. National Vulnerability Database (NVD), the CERT/CC Vulnerability Notes Database, and various lists maintained by vendors and other organizations. Across these different systems, CVE IDs give users a reliable way to tell one unique security flaw from another.