Exam CS0-003 topic 1 question 216 discussion

Actual exam question from CompTIA's CS0-003

Question #: 216
Topic #: 1

A company has decided to expose several systems to the internet. The systems are currently available internally only. A security analyst is using a subset of CVSS3.1 exploitability metrics to prioritize the vulnerabilities that would be the most exploitable when the systems are exposed to the internet. The systems and the vulnerabilities are shown below:

Which of the following systems should be prioritized for patching?

A. brown
B. grey
C. blane
D. sullivan

Show Suggested Answer

Suggested Answer: C 🗳️

by narst at Feb. 24, 2024, 6:15 p.m.

Comments

Submit Cancel

FT000

Highly Voted 11 months, 2 weeks ago

Selected Answer: C

For internet facing systems, the most vulnerable are those who have attach vectors which are on the network (AV/N), have low complexity (AC/L) and have high impact on CIA (A/H). Option C, blane ticks all the 3 boxes and hence is most vulnerable and needs to be prioritised for patching

upvoted 26 times

...

bettyboo

Most Recent 10 months, 3 weeks ago

Selected Answer: C

C. blane

upvoted 4 times

...

Jhonattan0032

11 months, 2 weeks ago

Selected Answer: C

I agreed with FT000

upvoted 2 times

...

narst

11 months, 2 weeks ago

Selected Answer: A

For internet-facing systems, we should prioritize vulnerabilities with lower Access Vector (AV) and lower Attack Complexity (AC) scores. Lower scores indicate easier exploitation. So, the system that should be prioritized for patching is brown (AV:L AC:L). Therefore, the correct answer is: A. brown

upvoted 1 times

bettyboo

10 months, 3 weeks ago

Brown’s attack vector is local. No one’s touching that vulnerability if they don’t have access to the network locally. Blane’s tho, has a Network attack vector. Anyone with internet can exploit it. Complexity is low and impact on availability is high.

upvoted 3 times

...