*Identify observables that flow from particular attacker Tactics, Techniques, and Procedures (TTPs) to optimize your security monitoring capabilities (Task ID: R3-9811)

*Identify external scanning needs than an internal scanner may not adequately be able to assess (Task ID: R3-9275)

*Identify external scanning needs that an internal scanner may not adequately be able to assess (Task ID: R3-9547)

*Monitor for new systems installed on the network. (Task ID: R3-9544)

*Report test completion providing a summary of what was tested with results to management (Task ID: R3-9402)

*Scan against configuration anomalies. (Task ID: R3-9425)

*Scan for gaps in system configuration against a benchmark configuration manual. (Task ID: R3-9444)

*Scan internal and external networks for new and unauthorized systems. (Task ID: R3-9554)

*Scan internal and external networks for new and unauthorized systems. (Task ID: R3-9555)

*Assign a technical POC for vulnerability remediation and assistance (Task ID: R3-9624)

*Decide the risk ratings of the vulnerability based on the technical information and how the technology is deployed/importance of the systems (Task ID: R3-9625)

*Develop appropriate mitigations after consulting with the vendor/integrators and internal system owners (Task ID: R3-9626)

*Document all vulnerability information alerts or disclosures that apply to deployed technology and note the time and responsible party to develop the risk picture and initiate workflow (Task ID: R3-9623)

*Implement vulnerability mitigations in accordance with the plan to include patches or additional security controls (Task ID: R3-9627)