Exam CV0-003 topic 1 question 345 discussion

Actual exam question from CompTIA's CV0-003
Question #: 345
Topic #: 1

A company that performs passive vulnerability scanning at its transit VPC has detected a vulnerability related to outdated web-server software on one of its public subnets. Which of the following can the company use to verify if this is a true positive with the least effort and cost? (Choose two.)

  • A. A network-based scan
  • B. An agent-based scan
  • C. A port scan
  • D. A red-team exercise
  • E. A credentialed scan
  • F. A blue-team exercise
  • G. Unknown environment penetration testing
Suggested Answer: AE

Comments

Joshuac1392
Highly Voted 1 year, 2 months ago
Selected Answer: AE
Even though ChatGPT says otherwise, I agree with the answers provided.
upvoted 5 times
...
BigM
Most Recent 2 months, 2 weeks ago
Selected Answer: AE
Explanation: To verify whether the vulnerability detected in the public subnet is a true positive, the company needs to perform a follow-up scan with the least effort and cost.
✔ A. A network-based scan – This is a passive or active scan that inspects network traffic and identifies vulnerable services without requiring agent installation. It is a low-cost and efficient method for verifying web server vulnerabilities.
✔ E. A credentialed scan – This scan logs into the web server using administrator credentials to check for vulnerabilities in installed software more accurately than an uncredentialed scan. It helps confirm outdated software versions and misconfigurations without false positives.
upvoted 1 times
...
WereAllinThisTogether
5 months, 4 weeks ago
Selected Answer: BE
E and B. If this pertains to software being vulnerable, then a network scan will do nothing. Network-based scans work at layer 4 of the OSI model and cannot detect application-layer vulnerabilities. An agent such as Tenable, Nexxus, Cisco Posturing module, or SecureConnector can provide an in-depth scan of the software. D, ACAS and other scanning mechanisms can help facilitate information about the software through credentialed scans. I find it very surprising and somewhat concerning that no one knows this answer.
upvoted 1 times
...
FrancisDrake
1 year, 2 months ago
Selected Answer: AB
Least effort. Least cost.
upvoted 1 times
...
Community vote distribution: A (35%, Most Voted), C (25%), B (20%), Other