Are you planning to take the Security+ exam?
If so, make sure you understand various methods used to reduce vulnerabilities, including vulnerability scans.
As an example, can you answer this sample question?
Q. You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after checking the servers, you’ve verified the servers have these patches installed. Which of the following BEST describes this?
A. False negative
B. Misconfiguration on servers
C. False positive
D.Servers not hardened
Check out the answer (and full explanation) here.