Exam CS0-003 topic 1 question 379 discussion

Actual exam question from CompTIA's CS0-003

Question #: 379
Topic #: 1

A security analyst needs to identify a computer based on the following requirements to be mitigated:

• The attack method is network based with low complexity.
• No privileges or user action is needed.
• The confidentiality and availability level is high with a low integrity level.

Given the following CVSS 3.1 output:

Computer1 -
CVSS3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H

Computer2 -
CVSS3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Computer3 -
CVSS3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H

Computer4 -
CVSS3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Which of the following machines should the analyst mitigate?

A. Computer1
B. Computer2
C. Computer3
D. Computer4

Show Suggested Answer

Suggested Answer: D 🗳️

by 52895e9 at Dec. 20, 2024, 8:51 p.m.

Comments

Submit Cancel

Wolf541

5 months ago

Selected Answer: D

computer 4 matches perfectly with the requirements that are listed, looks like they updated the answer based on peoples comments below.

upvoted 1 times

...

hashed_pony

5 months, 4 weeks ago

Selected Answer: D

There's no way it's B. Computer4 is the only one that corresponds to all criteria.

upvoted 3 times

...

speed69

5 months, 4 weeks ago

Selected Answer: D

this question is capping. its computer 4

upvoted 3 times

...

BurN1nGSPheRE

6 months ago

Selected Answer: D

computer 4 AV:Network /AC:Low /PR:No/UI:No/S:U/C:H/I:L/A:H why we don't choose this lol

upvoted 1 times

...

ruelgo

6 months ago

Selected Answer: D

I think computer 4 perfectly matches all the criteria: Network attack vector, low complexity, no user action, and high confidentiality/availability with low integrity.

upvoted 2 times

...

Yanwo

6 months ago

Selected Answer: D

B is false because the AV is L. The requierement say AV shoul be N.

upvoted 2 times

...

52895e9

6 months ago

Selected Answer: D

Computer 4 matches the requirments.

upvoted 4 times

...