Exam CS0-002 topic 1 question 391 discussion

Actual exam question from CompTIA's CS0-002
Question #: 391
Topic #: 1

A monthly job to install approved vendor software updates and hot fixes recently stopped working. The security team performed a vulnerability scan, which identified several hosts as having some critical OS vulnerabilities, as referenced in the common vulnerabilities and exposures (CVE) database. Which of the following should the security team do next to resolve the critical findings in the most effective manner? (Choose two.)

  • A. Patch the required hosts with the correct updates and hot fixes, and rescan them for vulnerabilities.
  • B. Remove the servers reported to have high and medium vulnerabilities.
  • C. Tag the computers with critical findings as a business risk acceptance.
  • D. Manually patch the computers on the network, as recommended on the CVE website.
  • E. Harden the hosts on the network, as recommended by the NIST framework.
  • F. Resolve the monthly job issues and test them before applying them to the production network.
Suggested Answer: AF

Comments

Saphi
1 year, 7 months ago
Selected Answer: AF
This isn't an incident response but vulnerability management. There's nothing mentioned in this question about an intrusion. A and F are the most appropriate.
upvoted 2 times
...
HotWings8
1 year, 10 months ago
A & E
A - Patch the required hosts with the correct updates and hot fixes, and rescan them for vulnerabilities: The first step should be to patch the required hosts with the correct updates and hot fixes. This will address the identified vulnerabilities and reduce the risk of a successful attack. Once the patching is complete, the security team should rescan the hosts for vulnerabilities to ensure that the patches have been applied successfully.
E - Harden the hosts on the network, as recommended by the NIST framework: In addition to patching the hosts, the security team should also consider hardening the hosts on the network as recommended by the National Institute of Standards and Technology (NIST) framework. Hardening involves implementing security measures such as disabling unnecessary services, changing default passwords, and configuring firewalls. These measures will further reduce the risk of a successful attack and improve the overall security posture of the hosts.
upvoted 1 times
HotWings8
1 year, 9 months ago
Changing my answers to A,F
upvoted 1 times
...
...
karpal
1 year, 10 months ago
Why containment? There is no incident at this moment, we are not in kill chain mode. AF - these are resolving both issues - A -> hosts not updated now, and F -> update script not working
upvoted 1 times
...
Hershey2025
1 year, 11 months ago
First step should be containment. So B F
upvoted 2 times
ProNerd
1 year, 9 months ago
Containment of what?
upvoted 1 times
...
tutita
1 year, 10 months ago
I don't think option B is a good option to "resolve the critical findings in a most effective manner". Removing the servers will impact the availability and production, so I'm choosing AF
upvoted 1 times
...
...
CyberCEH
1 year, 11 months ago
answer AF
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other