ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 344 discussion

Actual exam question from CompTIA's CS0-003
Question #: 344
Topic #: 1
[All CS0-003 Questions]

During a training exercise, a security analyst must determine the vulnerabilities to prioritize. The analyst reviews the following vulnerability scan output:



Which of the following issues should the analyst address first?

  • A. Allows anonymous read access to /etc/passwd
  • B. Allows anonymous read access via any FTP connection
  • C. Microsoft Defender security definition updates disabled
  • D. less command allows for escape exploit via terminal
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ada26b1 at March 30, 2025, 3:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Justheretolook
1 month ago
Selected Answer: A
The correct answer is: A. Allows anonymous read access to /etc/passwd Explanation: In vulnerability management, prioritization is based on: • Severity of the vulnerability • Exposure level • Network context (e.g., corporate vs. guest network) • System sensitivity Let’s evaluate the options: A. Anonymous read access to /etc/passwd on a corporate VPN server (Ubuntu 22.04) • Critical system in the corporate network • /etc/passwd can give attackers usernames and system information • High risk, especially if combined with other exploits • Must be prioritized first
upvoted 3 times
...
taketaa
1 month ago
Selected Answer: A
Went with A for the following reason, even if modern Linux does no longer store password on /etc/passwd, it is a VPN server. An attacker can gather those listed users to then perform password sprays, proceed with phishing, or even just general Reconnaisance activity. If, it manages to discover one of the passwords, it has credentialed access to the organization VPN.
upvoted 2 times
taketaa
1 month ago
And access to some part/all of it's resources (depending of the user).
upvoted 1 times
...
...
ouflomana
2 months ago
Selected Answer: B
B allows easy remote access without authentication, while A needs some prior access to exploit. Also, modern /etc/passwd is not as critical anymore. It lists user account names and default shells, but the actual password hashes have been moved to /etc/shadow (which is more protected). Anonymous FTP is still a very serious risk because attackers can directly connect and act remotely, without needing any foothold inside the machine first.
upvoted 2 times
taketaa
1 month ago
Anonymous FTP is a risk, agreed, but, have a look at other information of the machine. It is a conference room computer (maybe has what, only meetings in there? some occasional file sharing?) that is on a guest network, so we could assume that the room computer is segregated from the Corporate network. Regarding the question, is this computer that critical of an asset that it becomes more important that a Domain Controller and/or a VPN server?
upvoted 1 times
taketaa
1 month ago
And also, you can put restrictions on anonymous users and configuring some security controls.
upvoted 1 times
...
...
...
Susan4041
2 months, 2 weeks ago
Selected Answer: C
A still has a security layer its in read where the server has no security layer at all. ITs C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel