Which step in the Vulnerability Management Life Cycle determines a baseline risk profile to eliminate risks based on asset criticality, vulnerability threat, and asset classification?

The steps in the Vulnerability Management Life Cycle include these:

• Discover – inventory all assets across the network and identify host details, including operating systems and open services, to identify vulnerabilities
• Prioritize assets – categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to business operations
• Assess – determine a baseline risk profile to eliminate risks based on asset criticality, vulnerability threats, and asset classification
• Report – measure the level of business risk associated with assets according to security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities.
• Remediate – prioritize according to business risk and fix vulnerabilities in order of risk
• Verify – verify that threats have been eliminated through follow-up audits