nerdexam
ExamsCV0-003Questions#384
CompTIA

CV0-003 · Question #384

CV0-003 Question #384: Real Exam Question with Answer & Explanation

The correct answer is B: Vulnerability assessment. A vulnerability assessment actively scans systems to identify and report existing security weaknesses and open exploits in an environment.

Security

Question

An organization wants to be informed of any security exploits open in the cloud virtual environment that is being hosted in the organization's boundary. Which of the following will need to be performed?

Options

  • ATabletop exercise
  • BVulnerability assessment
  • CSeparation of duties
  • DAudit review

Explanation

A vulnerability assessment actively scans systems to identify and report existing security weaknesses and open exploits in an environment.

Common mistakes.

  • A. A tabletop exercise is a discussion-based simulation of an incident response scenario and does not scan or detect actual technical vulnerabilities in a live environment.
  • C. Separation of duties is an access control principle that divides critical responsibilities among multiple individuals to reduce insider risk, not a method for detecting open security exploits.
  • D. An audit review examines historical logs and compliance records after the fact and does not actively identify or enumerate open exploits in a running environment.

Concept tested. Vulnerability assessment for cloud security

Reference. https://csrc.nist.gov/publications/detail/sp/800-115/final

Topics

#vulnerability assessment#cloud security#security scanning#virtual environment

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CV0-003 Practice
An organization wants to be informed of any security exploits open... | CV0-003 Q#384 Answer | NerdExam