Exam CS0-003 topic 1 question 413 discussion

Given answer is correct. *The vulnerability remediation timeframes tab tells us that CVSS 7.9 < 9.0 are the only vulnerabilities that must be patched within 14 days. *The output tab tells us that there are three servers that are vulnerable within this CVSS range, and they are all CVSS 8.1: 192.168.50.5 192.168.60.5 192.168.76.5 *The environment tab tells us: 192.168.50.5 is in the uat.comptia.org environment 192.168.60.5 is in the prod.comptia.org environment 192.168.76.5 is in the dev.comptia.org environment. *The vulnerability remediation timeframes tab also tells us that this vulnerability only applies to the prod environment, thereby eliminating the other two, and leaving us with 192.168.60.5 as the only one we need to patch. *The output tab tells us the following about CVSS 8.1: Untrusted SSL/TLS Server X.509 certificate (The server's TLS/SSL certificate is signed by a certificate authority that is untrusted or unknown). The fix for this is patch; upload signed certificate from trusted third-party provider Answer: 192.168.60.5 Patch; upload signed certificate from trusted third-party provider

Patching within 14 days only applies to vulnerablities with CVSS between 7.9 and 9 of Prod environment. Only vulnerability which falls in this cathegory is Untrusted SSL/TLS Server X.509 certificate. Patching it and uploading a cert from a trusted provider directly addresses the issue.