nerdexam
Cisco

210-255 · Question #97

What is the definition of confidentiality according to CVSSv3 framework?

The correct answer is A. It a metric measures the impact to the confidentiality of the information resources managed by a. CVSSv3 defines confidentiality as a metric measuring the impact to information resources managed by a software component when a vulnerability is successfully exploited.

Security Policies and Procedures

Question

What is the definition of confidentiality according to CVSSv3 framework?

Options

  • AIt a metric measures the impact to the confidentiality of the information resources managed by a

How the community answered

(30 responses)
  • A
    100% (30)

Why each option

CVSSv3 defines confidentiality as a metric measuring the impact to information resources managed by a software component when a vulnerability is successfully exploited.

AIt a metric measures the impact to the confidentiality of the information resources managed by aCorrect

In the CVSSv3 framework, the Confidentiality impact metric evaluates the degree to which information disclosure results from exploiting a vulnerability. It specifically assesses the impact to data confidentiality within the vulnerable component, scored as None, Low, or High based on the scope and sensitivity of information exposed.

Concept tested: CVSSv3 confidentiality impact metric definition

Source: https://www.first.org/cvss/v3-1/specification-document

Topics

#CVSSv3#vulnerability scoring#confidentiality metric#CVSS framework

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice