ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 613 discussion

Actual exam question from CompTIA's CAS-004
Question #: 613
Topic #: 1
[All CAS-004 Questions]

A security analyst is reviewing recently released CVEs for software used on servers. Given the following information:


CVE-1: AV:N/PR:L/AC:H/UI:R -

CVE-2: AV:L/PR:H/AC:H/UI:N -

CVE-3: AV:N/PR:L/AC:L/UI:N -

CVE-4: AV:P/PR:H/AC:L/UI:R -

CVE-5: AV:N/PR:H/AC: H/UI:N -

Which of the following CVEs should the security analyst prioritize first?

  • A. CVE-1
  • B. CVE-2
  • C. CVE-3
  • D. CVE-4
  • E. CVE-5
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Bright07 at Jan. 27, 2025, 1:42 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bright07
Highly Voted 3 months ago
Selected Answer: C
To determine which CVE to prioritize, we analyze the CVSS (Common Vulnerability Scoring System) vector string for each vulnerability. Higher severity vulnerabilities should be prioritized first. Explanation of the CVSS Vector Components: AV (Attack Vector): N (Network): The vulnerability is exploitable over a network. (Most critical) A (Adjacent): Exploitable in the same network segment. L (Local): Requires local access to exploit. P (Physical): Requires physical access to exploit. PR (Privileges Required): N (None): No privileges are required. (Most critical) L (Low): Low privileges are required. H (High): High privileges are required. AC (Attack Complexity): L (Low): Exploiting is straightforward. (Most critical) H (High): Exploiting is complex. UI (User Interaction): N (None): No user interaction is required. (Most critical) R (Required): User interaction is required. So, for CVE-3: AV:N/PR:L/AC:L/UI:N Exploitable over the network. Low privileges required. Low complexity, no user interaction. Severity: High.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago