A cybersecurity analyst uses the Common Vulnerability Scoring System (CVSS) to evaluate the severity of a vulnerability in a company's software. When using the CVSS to evaluate the severity of a software vulnerability, what specific factors should the analyst consider, and why is CVSS an important tool for IT teams to use? (Select the two best options.)
A.Type of vulnerability, affected system, and potential impact; to prioritize remediation efforts
B.Severity, number of systems affected, and potential impact; to allocate resources more effectively
C.Likelihood of exploitation, potential impact, and patch availability; to provide an objective measure of risk
D.Cost of fixing, number of systems affected, and potential impact; to provide a standardized method for assessing severity