"Vulnerability management is the process of systematically and continuously finding weaknesses in an entity's security procedures, systems or networks and taking corrective action. The ultimate goal of vulnerability management is to keep risk at or below the organization's risk tolerance level." - CISM Review Manual, 15th Edition, 2019, page 286.
Vuln is a weakness. To effectively manage weakness, you need proactive controls. Although vuln is an important factor to reduce risks, there are also multiple other ways to ensure risks are within an acceptable level; you can simply avoid or even transfer the risk, which is not relevant to vuln management.
C. Controls are managed proactively.
While all the options are important aspects of a comprehensive security program, proactively managing controls is at the core of effective vulnerability management.
Going with D. The ultimate goal is to reduce risk to acceptable levels. Hence, effective management of vulnerabilities (implementation of controls) would be greatly indicative of risk reduction to acceptable levels. Option C is just a tool for this objective.
Option D, "Risks are managed within acceptable limits," is a general statement that applies to overall risk management, including vulnerability management. While managing risks within acceptable limits is an important objective of any security program, it does not specifically indicate the effectiveness of a vulnerability management program.
An effective vulnerability management program focuses specifically on identifying, prioritizing, and mitigating vulnerabilities in systems, applications, and networks. It involves activities such as vulnerability scanning, patch management, and vulnerability remediation. By actively managing vulnerabilities, organizations can reduce the likelihood of exploitation and potential impact from security incidents. So the answer would be Option C.
D. Risks are managed within acceptable limits.
or
C. Controls are managed proactively.
upvoted 3 times