ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 216 discussion

Actual exam question from CompTIA's CS0-003
Question #: 216
Topic #: 1
[All CS0-003 Questions]

A company has decided to expose several systems to the internet. The systems are currently available internally only. A security analyst is using a subset of CVSS3.1 exploitability metrics to prioritize the vulnerabilities that would be the most exploitable when the systems are exposed to the internet. The systems and the vulnerabilities are shown below:



Which of the following systems should be prioritized for patching?

  • A. brown
  • B. grey
  • C. blane
  • D. sullivan
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by narst at Feb. 24, 2024, 6:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
FT000
Highly Voted 9 months, 4 weeks ago
Selected Answer: C
For internet facing systems, the most vulnerable are those who have attach vectors which are on the network (AV/N), have low complexity (AC/L) and have high impact on CIA (A/H). Option C, blane ticks all the 3 boxes and hence is most vulnerable and needs to be prioritised for patching
upvoted 26 times
...
bettyboo
Most Recent 9 months ago
Selected Answer: C
C. blane
upvoted 4 times
...
Jhonattan0032
9 months, 3 weeks ago
Selected Answer: C
I agreed with FT000
upvoted 2 times
...
narst
9 months, 4 weeks ago
Selected Answer: A
For internet-facing systems, we should prioritize vulnerabilities with lower Access Vector (AV) and lower Attack Complexity (AC) scores. Lower scores indicate easier exploitation. So, the system that should be prioritized for patching is brown (AV:L AC:L). Therefore, the correct answer is: A. brown
upvoted 1 times
bettyboo
9 months ago
Brown’s attack vector is local. No one’s touching that vulnerability if they don’t have access to the network locally. Blane’s tho, has a Network attack vector. Anyone with internet can exploit it. Complexity is low and impact on availability is high.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel