i Think is "D. attack vector".
Attack Vector ( AV) represents the level of access an attacker needs to have to exploit a vulnerability. It can assume four values: Network, Adjacent, Local and Physical.
Source: Official cert Guide Cisco CyberOps Associate CBROPS 200-201
Chapter7: Introduction to Security Operations Management.
Author: Omar Santos
According to cisco:
https://tools.cisco.com/security/center/resources/understanding-terminology.html#exploitability
The attack vector metric describes the shortest distance from the attacker to the target. So the privileges required are something else. So A is correct.
According with OFFICIAL Cert Guide Cisco O.Santos, correct is D.
According with tool.cisco.com terminology, correct is A.
Good question ... for me, my opinon, the question means not vector but privileges.
Free interpretation .
Privileges Required (PR) is a metric in the Common Vulnerability Scoring System (CVSS), which assesses the level of access or privileges an attacker needs before attempting an attack.
ANS: A
Privilege required is the metric that refers to the level of access an attacker needs to execute an attack
User interaction: This metric assess whether an attack requires a human action to be successful
Attack complexity: It is a metric used to measure how difficult it is for an attacker to successfully exploit a vulnerability or execute attack
Attack Vector: It refers to specific path uses to gain unauthorized access to a system or network
A is correct
From official Cisco course:
Privileges required: This is a metric that captures the level of access that is required for a successful exploit of the vulnerability.
Attack vector: This is a metric that reflects the proximity of the threat actor to the vulnerable component. The more remote the threat actor is to the component, the higher the severity. Threat actors close to your network or inside your network are easier to detect and mitigate.
From Official cert Guide Cisco CyberOps Associate CBROPS 200-201:
The base group defines exploitability metrics that measure how the vulnerability can be exploited, and impact metrics that measure the impact on confidentiality, integrity, and availability. In addition to these two, a metric called scope change (S) is used to convey the impact on systems that are affected by the vulnerability but do not contain vulnerable code.
Exploitability metrics include the following:
• Attack Vector (AV): Represents the level of access an attacker needs to have to exploit a
vulnerability. It can assume four values:
• Network (N)
• Adjacent (A)
• Local (L)
• Physical (P)
Correct Answer: A privileges required.
The "attack vector" (D) refers to the path or method used by an attacker to exploit a vulnerability. It describes how the attacker gains access to the target system, but it does not specifically capture the level of access needed to launch the attack.
Attack Vector (AV): Represents the level of access an attacker needs to have to exploit
a vulnerability. It can assume four values:
â– Network (N)
â– Adjacent (A)
â– Local (L)
â– Physical (P)
Privileges Required (PR): Represents the level of privileges an attacker must have to
exploit the vulnerability. The values are as follows:
â– None (N)
â– Low (L)
â– High (H)
Attack Vector simply is --> a way for attackers to enter the system (exploiting vulnerabilities)
Whilst the question talks about privileges --> answer PRIVILEGE
Source: https://contenthub.netacad.com/legacy/CyberOps/1.1/en/index.html#10.2.2.3
Privileges required – This is a metric that captures the level of access that is required for a successful exploit of the vulnerability.
The best answer is A. privileges required.
"Privileges required" is a metric used in the Common Vulnerability Scoring System (CVSS) to measure the level of access an attacker needs to successfully exploit a vulnerability. The other metrics mentioned, such as user interaction, attack complexity, and attack vector, are also used in CVSS to score the severity of a vulnerability, but they do not specifically measure the level of access required.
The correct answer is A. privileges required.
The metric "privileges required" is used to capture the level of access needed to launch a successful attack. This metric refers to the level of permissions or access that an attacker would need to have in order to exploit a vulnerability and carry out an attack.
For example, an attack that requires administrative privileges to execute would have a higher "privileges required" metric than an attack that can be carried out with only user-level permissions. The higher the level of access required, the more difficult the attack is to carry out and the more severe the potential impact.
The other options, user interaction, attack complexity, and attack vector, are also important metrics used in assessing the severity of a vulnerability or attack, but they do not specifically capture the level of access required for a successful attack.
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Torvalds
Highly Voted 4Â years, 1Â month agoLeo_Visser
4Â years agoDunky
4Â years, 1Â month agoalocin
Highly Voted 3Â years, 8Â months agoSbonel0
Most Recent 10Â months agoSbonel0
10Â months ago036e554
11Â months, 2Â weeks agocevahiroglu
1Â year agoRoBery
1Â year, 4Â months agoMax_DeJaV
1Â year, 9Â months agoWISDOM2080
1Â year, 9Â months agoFaio
1Â year, 9Â months agoFaio
1Â year, 12Â months agoKC21
2Â years agoKC21
2Â years agoslippery31
2Â years agoShammaA
2Â years agoslippery31
2Â years agoStevens0103
2Â years agoalhamry
2Â years, 1Â month agoitousattud
2Â years, 2Â months ago