SC-200: Vulnerability Inventory Report for System Weaknesses | Microsoft Security Operations Analyst Exam

Vulnerability Inventory Report

Question

You are in charge for working with the endpoint team to patch weaknesses reported by Threat Vulnerability Management.

Which report keeps an inventory of the vulnerabilities of your systems are wide-open by listing the CVE IDs ?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: A.

Option A is correct.

This report is enumerated by the CVE ID.Option B is incorrect.

Software inventory page contains a list of software installed in your organization.

Option C is incorrect.

Event timeline is a risk feed that lets you understand how risk is introduced in the organization.

Option D is incorrect.

Incident report doesn't contain any weaknesses or vulnerabilities.

Reference:

The report that keeps an inventory of vulnerabilities in your systems and lists the CVE IDs is the "Weakness" report.

Threat Vulnerability Management (TVM) is a process that helps organizations identify and prioritize vulnerabilities in their systems. It involves identifying vulnerabilities, assessing their severity, and then taking steps to mitigate them. As part of the TVM process, the endpoint team will work to patch the weaknesses that are identified.

The weakness report is a list of vulnerabilities that have been identified through the TVM process. It will typically include information such as the CVE IDs, the severity of the vulnerability, and any other relevant details. The CVE (Common Vulnerabilities and Exposures) ID is a unique identifier assigned to a specific vulnerability.

By maintaining an up-to-date weakness report, the endpoint team can keep track of the vulnerabilities that have been identified and prioritize which ones to address first. This can help to ensure that the most critical vulnerabilities are patched in a timely manner, reducing the risk of a security breach.

In summary, the weakness report is an important tool for managing vulnerabilities in your systems, and it helps the endpoint team prioritize patching efforts.