Exam CS0-002 topic 1 question 375 discussion

Actual exam question from CompTIA's CS0-002
Question #: 375
Topic #: 1

A security analyst recently implemented a new vulnerability scanning platform. The initial scan of 438 hosts found the following vulnerabilities:

• 210 critical
• 1,854 high
• 1,786 medium
• 48 low

The analyst is unsure how to handle such a large-scale remediation effort. Which of the following would be the next logical step?

  • A. Identify the assets with a high value and remediate all vulnerabilities on those hosts.
  • B. Perform remediation activities for all critical and high vulnerabilities first.
  • C. Perform a risk calculation to determine the probability and magnitude of exposure.
  • D. Identify the vulnerabilities that affect the most systems and remediate them first.
Suggested Answer: C

Comments

karpal
Highly Voted 2 years ago
Selected Answer: C
First you need to understand the risk = probability x impact (magnitude). C
upvoted 6 times
...
tutita
Highly Voted 2 years ago
Selected Answer: C
The next logical step will be C: calculate the risk and then prioritize.
upvoted 5 times
...
grelaman
Most Recent 1 year, 8 months ago
Selected Answer: B
This is because critical and high vulnerabilities pose the greatest risk to the organization's IT infrastructure and data. By remediating these vulnerabilities first, the analyst can significantly reduce the organization's risk of being exploited by attackers.
upvoted 1 times
grelaman
1 year, 8 months ago
Why not C? Because your organization is full of critical vulnerabilities bro...you need to act now....and performing a risk calculation for that huge amount of flaws to determine the probability and magnitude of exposure would be helpful, but it would take too much time to complete. It is a long term strategy...
upvoted 3 times
...
...
Rori791
1 year, 11 months ago
Selected Answer: B
(Option C) is a good way to help determine the probability and potential impact of each vulnerability. However, it may not be the most practical next step because of the huge number of vulnerabilities discovered. Performing a thorough risk assessment can be time-consuming and may delay remediation efforts, which could leave the organization vulnerable to attack. It may be more practical and efficient to focus on remediating the critical and high vulnerabilities first (option B), which can help reduce the overall risk to the organization.
upvoted 4 times
Rori791
1 year, 11 months ago
I’m a bit conflicted, because there’s a keyword here and it's “new” vulnerability scanning platform. It is possible that some of the vulnerabilities detected may be false positives or may not be exploitable in the organization's specific environment. The best option here would be “C”: performing a risk calculation to determine the probability and magnitude of exposure would be the most appropriate next step. By performing a risk calculation, the analyst can prioritize remediation efforts based on the likelihood and potential impact of each vulnerability, taking into account the organization's specific environment.
upvoted 1 times
...
...
Dutch012
2 years ago
I think D works best, I don't know actually
upvoted 1 times
LayinCable
1 year, 7 months ago
Hahahaha
upvoted 1 times
...
...
CyberCEH
2 years, 1 month ago
C is the logical step.
upvoted 3 times
...
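The risk calculation named in the suggested answer (C) and in the comments (risk = probability x impact) can be sketched as follows. This is an added example, not part of the original question or any comment; the hosts, weights, and the `Finding` fields are constructed assumptions, since the page gives no scoring scheme. It shows how a risk-ranked queue differs from the severity-first order of option B.

```python
from dataclasses import dataclass

# Assumed impact weight per scanner severity (constructed, not from the page).
SEVERITY_IMPACT = {"critical": 1.0, "high": 0.75, "medium": 0.5, "low": 0.25}

@dataclass(frozen=True)
class Finding:
    host: str
    severity: str         # rating reported by the scanner
    asset_value: float    # 0..1 business value of the host (assumed inventory data)
    exposed: bool         # reachable from untrusted networks
    exploit_known: bool   # a public exploit exists
    confirmed: bool       # validated, i.e. not a suspected false positive

def probability(f: Finding) -> float:
    """Likelihood of exploitation in this environment (assumed heuristic)."""
    p = 0.2 + (0.4 if f.exposed else 0.0) + (0.3 if f.exploit_known else 0.0)
    # A new scanner may report false positives: discount unvalidated findings.
    return min(p if f.confirmed else p * 0.5, 1.0)

def magnitude(f: Finding) -> float:
    """Impact if exploited: scanner severity scaled by the asset's value."""
    return SEVERITY_IMPACT[f.severity] * f.asset_value

def risk(f: Finding) -> float:
    return round(probability(f) * magnitude(f), 3)

def by_risk(findings):
    return sorted(findings, key=risk, reverse=True)

def by_severity(findings):
    order = list(SEVERITY_IMPACT)  # critical, high, medium, low
    return sorted(findings, key=lambda f: order.index(f.severity))

# Constructed sample findings for illustration only.
FINDINGS = [
    Finding("lab-printer", "critical", 0.1, False, False, False),
    Finding("web-frontend", "high", 0.8, True, False, True),
    Finding("dev-laptop", "high", 0.3, False, True, True),
    Finding("payroll-db", "medium", 1.0, True, True, True),
]

if __name__ == "__main__":
    print("severity-first:", [f.host for f in by_severity(FINDINGS)])
    for f in by_risk(FINDINGS):
        print(f"{risk(f):<6} {f.severity:<9} {f.host}")
```

With these constructed inputs the unvalidated critical finding on a low-value, unexposed host drops to the bottom of the queue, while the medium finding on the exposed, high-value database rises to the top.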