CV0-004 Question #127: Real Exam Question with Answer & Explanation
The correct answer is A: Patching the operating systems.
Question
Two CVEs are discovered on servers in the company's public cloud virtual network. The CVEs are listed as having an attack vector value of network and CVSS score of 9.0. Which of the following actions would be the best way to mitigate the vulnerabilities?
Options
- A. Patching the operating systems
- B. Upgrading the operating systems to the latest beta
- C. Encrypting the operating system disks
- D. Disabling unnecessary open ports
Explanation
CVEs (Common Vulnerabilities and Exposures) are specific, known flaws in software or operating systems. A CVSS score of 9.0 is Critical, and a network attack vector means the vulnerability is exploitable remotely without local access. The definitive remediation for a known CVE is applying the vendor-released patch, which directly eliminates the vulnerability from the codebase. Upgrading to a beta OS is risky and unsupported in production. Encrypting OS disks protects data at rest but does not fix software vulnerabilities. Disabling open ports reduces the attack surface but does not patch the underlying flaw: an attacker using a required port could still exploit the CVE. Patching is the correct and complete remediation.