Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to
assess its network security through scanning, pen tests, and vulnerability assessments. After discovering
numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that
show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find
anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?
A.
APIPA
B.
IANA
C.
CVE
D.
RIPE
CVE® is a list of entries—each containing an identification number, a
description, and at least one public reference—for publicly known cybersecurity vulnerabilities.
CVE Entries are used in numerous cybersecurity products and services from around the world,
including the U.S. National Vulnerability Database (NVD).
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.