312-50V13 Question #532: Real Exam Question with Answer & Explanation

Question

A cybersecurity analyst in an organization is using the Common Vulnerability Scoring System to assess and prioritize identified vulnerabilities in their IT infrastructure. They encountered a vulnerability with a base metric score of 7, a temporal metric score of 8, and an environmental metric score of 5. Which statement best describes this scenario?

Options

• AThe vulnerability has a medium severity with a high likelihood of exploitability over time and a
• BThe vulnerability has a medium severity with a diminishing likelihood of exploitability over time,
• CThe vulnerability has an overall high severity with a diminishing likelihood of exploitability over
• DThe vulnerability has an overall high severity, the likelihood of exploitability is increasing over

Explanation

With a CVSS Base Score of 7 (High), a Temporal Score of 8 (indicating high current exploitability), and an Environmental Score of 5, the vulnerability has an overall high severity, its likelihood of exploitability is currently high or increasing, and its impact within the specific environment is also considered high enough to contribute to the overall high severity.

Common mistakes.

• A. A Base Score of 7 (out of 10) is categorized as 'High' severity, not medium.
• B. A Base Score of 7 is 'High' severity, not medium, and a high Temporal Score (8) indicates a high or increasing likelihood of exploitability, not diminishing.
• C. While the overall severity is high, a high Temporal Score (8) indicates high or increasing likelihood of exploitability, not diminishing likelihood.

Concept tested. CVSS scoring interpretation

Reference. https://nvd.nist.gov/vuln-metrics/cvss

No community discussion yet for this question.