In profiling a server, what defines what an application is allowed to do or run on a server?

Which metric class in the CVSS Basic Metric Group identifies the impacts on confidentiality, integrity, and availability?

When establishing a server profile for an organization, which element describes the type of service that an application is allowed to run on the server?

What are the steps in the vulnerability management life cycle?

Which security management function is concerned with the inventory and control of hardware and software configurations of systems?

In addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?

Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?