I. Classify the details that data stored in a vulnerability database should contain to be effective when an issue occurs:
• A unique vulnerability ID number for reporting and tracking remediation actions
• Linkage to the risk, threat, and attack database based on the physical information asset underlying the vulnerability; the IP address is a good choice for this linkage
• Vulnerability details, which are usually based on the test script used during the scanning step of the process; if the Nessus scanner is used, each test script has an assigned code (NASL, or Nessus attack scripting language) that can identify the vulnerability effectively
• Dates and times of notification and remediation activities
• The current status of the vulnerability, such as found, reported, or repaired
• Comments, which give analysts the chance to provide system administrators with detailed information forfixing the vulnerability
• Other fields as needed to manage the reporting and tracking processes in the remediation phase
II. Establish an understanding that the vulnerability database is an essential part of an effective remediation process because it helps organizations keep track of vulnerabilities as they are reported and mediated.