Findings are typically categorized into which severity levels?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Findings are typically categorized into which severity levels?

Explanation:
Severity levels in findings are used to prioritize remediation by impact. In most pen test reporting, the standard triad is High, Medium, and Low. This three-level scale provides clear urgency without overcomplicating triage, matching how teams typically categorize and respond to issues. The option that uses High/Medium/Low fits this widely used scheme. The other options introduce an extra level such as Critical or Very High, which isn’t part of the basic triage, or include Informational, which isn’t a severity that drives remediation priority. Hence, High/Medium/Low is the best match.

Severity levels in findings are used to prioritize remediation by impact. In most pen test reporting, the standard triad is High, Medium, and Low. This three-level scale provides clear urgency without overcomplicating triage, matching how teams typically categorize and respond to issues.

The option that uses High/Medium/Low fits this widely used scheme. The other options introduce an extra level such as Critical or Very High, which isn’t part of the basic triage, or include Informational, which isn’t a severity that drives remediation priority. Hence, High/Medium/Low is the best match.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy