20. Lesson Recap
Lesson Recap
ND545 C3 L3 A10 Lesson Conclusion
Remediation planning helps security professionals understand and prioritize which vulnerabilities matter most. At this point you should be able to:
- Conduct vulnerability research using industry resources like MITRE CVE frame
- Validate scan results through manual testing and application of business context
- Prioritize security gaps discovered and recommend remediation strategies
Kudos on making it thus far! You’re now aware of some of the factors to be considered as you work to prioritize and remediate these findings.
Glossary
| Term | Definition |
|---|---|
| False positive | An alert that incorrectly indicates that a vulnerability is present. |
| False negative | An instance in which a security tool intended to detect a particular threat fails to do so. |
| True positive | An alert that rightfully indicates a vulnerability is present. |
| Validate | Confirm that vulnerabilities are valid and remove any false positives. |
| Prioritize | Rank vulnerabilities based on risk and other factors that help signify what should be addressed first. |
| Remediate | Work with appropriate resources to fix the issues. |
| Retest | Rescan or retest to confirm that the vulnerability has been fixed, and that other gaps were not exposed in the process. |
| Close | Document the closure of the vulnerability. |
As a side note, this course is a foundational course that is meant to help build the knowledge to become job-ready, but you will likely need additional training and/or coursework in order to obtain a job in this field. These foundations will set you up for success going forward and are vital to your success in this field.