GETIt

1/17/23, 8:11 AM Vulnerability Assessments

https://leocontent.umgc.edu/content/scor/uncurated/cst/2215-cst610/learning-topic-list/vulnerability-assessments.html?ou=722269 1/2

Vulnerability Assessments

A vulnerability assessment is a process for finding and classifying security problems in a

system or network. These holes can then be patched, or associated risks can be mitigated.

Not all vulnerabilities in an assessment will be treated as equal. Some vulnerabilities,

usually those that are far less likely to happen, may be deprioritized. More common holes

are likely to receive priority. This is also true of holes with a high risk of losing sensitive or

important data, even if the vulnerability is less likely.

Read chapers 2 and 4 of NIST SP 800-115 Technical Guide to

Information Security Testing and Assessment

(https://doi.org/10.6028/NIST.SP.800-115)

Vulnerability

(https://leocontent.umgc.edu/content/scor/uncurated/cst/2215-

cst610/learning-resource-list/vulnerability.html?ou=722269)

Resources

1/17/23, 8:11 AM Vulnerability Assessments

https://leocontent.umgc.edu/content/scor/uncurated/cst/2215-cst610/learning-topic-list/vulnerability-assessments.html?ou=722269 2/2

Question 1

True or false: Vulnerability assessments are an optional part of basic

security.

True

False

Question 2

True or false: A vulnerability assessment will create a list of known

vulnerabilities in a system or network.

True

False

Question 3

True or false: All of the vulnerabilities in an assessment will be treated

equally.

True

False

© 2023 University of Maryland Global Campus

All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity

of information located at external sites.

Check Your Knowledge