A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network.
However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability.
Which of the following is the MOST likely explanation for this?
A . The administrator entered the wrong IP range for the assessment.
B . The administrator did not wait long enough after applying the patch to run the assessment.
C . The patch did not remediate the vulnerability.
D . The vulnerability assessment returned false positives.
Answer: C