As an update to this request for information, I found that even after running the mitigation tool against a device and taking the following three steps, unprovision (which it reported that it was never provisioned, as it should), disable client remote capabilities, and disable LMS services, and then re-running the discovery the device is still being reported as vulnerable. Is the mitigation tool not intelligent enough to determine that mitigation steps have been taken, or is there still a problem?
Again, thank you for any assistance.
Sean