ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 30 discussion

Actual exam question from Cisco's 200-201
Question #: 30
Topic #: 1
[All 200-201 Questions]

Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?

  • A. integrity
  • B. confidentiality
  • C. availability
  • D. scope
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Leo_Visser at July 1, 2021, 1:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Leo_Visser
Highly Voted 2 years, 10 months ago
Correct answer is A "2.3.2. Integrity (I) This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information. The Base Score is greatest when the consequence to the impacted component is highest." source: https://www.first.org/cvss/specification-document
upvoted 7 times
Leo_Visser
2 years, 10 months ago
But you could read the question in a way where the goal of this attack might be to overload the storage of the server or something like that, and if that would be the case it could be that this the Actions on Objective phase because it's targeting multiple places which have things create so it could very well be that it might tries to exhaust the storage and by that take the site down. But this is not an attack which is seen often and therefore I wouldn't say this to be the right answer. It could also indeed be answer C where the goal is to install several files but this would be more an delivery step then a installation step. Normally you would use the installed files to create a better RCE exploit which allows you to install something malicious on the system itself and from there work on. So I think A is the best answer as it looks more like the threat actor is just trying different sites to see where the code will work.
upvoted 2 times
...
...
WISDOM2080
Most Recent 8 months, 2 weeks ago
A. integrity
upvoted 1 times
...
ShammaA
11 months, 2 weeks ago
Simplest question -- anything that changes has to do with the integrity.
upvoted 2 times
...
drdecker100
1 year, 2 months ago
Selected Answer: A
The "Integrity" metric in CVSS measures the impact that a successful attack would have on the integrity of the system or data. This metric is based on the potential for unauthorized modification or destruction of data, which includes actions such as changing bank account numbers. In this scenario, an attacker is modifying the destination bank account number, which could lead to financial loss and the unauthorized transfer of funds. This attack would impact the integrity of the system, as it involves unauthorized modification of data.
upvoted 2 times
...
halamah
2 years, 6 months ago
correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago