ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 83 discussion

Actual exam question from CompTIA's CS0-003
Question #: 83
Topic #: 1
[All CS0-003 Questions]

A security analyst needs to ensure that systems across the organization are protected based on the sensitivity of the content each system hosts. The analyst is working with the respective system owners to help determine the best methodology that seeks to promote confidentiality, availability, and integrity of the data being hosted. Which of the following should the security analyst perform first to categorize and prioritize the respective systems?

  • A. Interview the users who access these systems.
  • B. Scan the systems to see which vulnerabilities currently exist.
  • C. Configure alerts for vendor-specific zero-day exploits.
  • D. Determine the asset value of each system.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by kmordalv at Aug. 30, 2023, 11:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kmordalv
Highly Voted 1 year, 5 months ago
Selected Answer: D
Correct To categorize and prioritize the respective systems based on their sensitivity and the importance of the data they host, the security analyst should first determine the asset value of each system. This involves assessing the value of the information hosted on each system, the potential impact of a breach or compromise, and the criticality of the system to the organization's operations.
upvoted 5 times
bettyboo
11 months ago
I agree with D. Because value does not equal price, but rather what you said: "sensitivity and the importance of the data they host"
upvoted 2 times
...
...
belcher29
Most Recent 9 months, 2 weeks ago
My answer would be D. I believe the question is aimed around "Risk Calculation". Quantitative Risk & Qualitative Risk. Risk = Probability x Impact. Answer leaning towards D (& not A) because the question doesn't mention users (qualitative) but moreso the owners (quantitative). Quantitiative; suggesting "Single Loss Expectancy (SLE)", which is calculated SLE = AV x EF AV= Asset Value, EF= Exposure Factor. I was leaning towards A initially, but reading the question suggests owners (and not users), so it's down to how much money are they willing to lose if they lost services/data. D. Company reputation etc etc.
upvoted 2 times
...
deeden
1 year, 2 months ago
Selected Answer: D
Agree that asset value should come from owners, not users.
upvoted 1 times
...
Frog_Man
1 year, 3 months ago
Selected answer: A. It is part of your requirements gathering. It is the same question on the previous version exam and that was the answer on that version.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel