CS0-003 · Question #389
CS0-003 Question #389: Real Exam Question with Answer & Explanation
The correct answer is A: Vulnerability 1. The question asks which vulnerability to patch first from a list of vector strings, implying a need to prioritize based on severity and potential impact to an internet-exposed web server.
Question
A vulnerability scan of a web server that is exposed to the internet was recently completed. A security analyst is reviewing the resulting vector strings: Which of the following vulnerabilities should be patched first?
Options
- AVulnerability 1
- BVulnerability 2
- CVulnerability 3
- DVulnerability 4
Explanation
The question asks which vulnerability to patch first from a list of vector strings, implying a need to prioritize based on severity and potential impact to an internet-exposed web server.
Common mistakes.
- B. Vulnerability 2 would likely have a lower CVSS score compared to Vulnerability 1, indicating less severe impact or harder exploitability, thus making it a lower priority for immediate patching.
- C. Vulnerability 3 would likely have a lower CVSS score compared to Vulnerability 1, indicating less severe impact or harder exploitability, thus making it a lower priority for immediate patching.
- D. Vulnerability 4 would likely have a lower CVSS score compared to Vulnerability 1, indicating less severe impact or harder exploitability, thus making it a lower priority for immediate patching.
Concept tested. Prioritizing vulnerabilities based on CVSS scores
Reference. https://www.first.org/cvss/v3.1/specification-document
Topics
Community Discussion
No community discussion yet for this question.