Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam CS0-002 topic 1 question 129 discussion

Actual exam question from CompTIA's CS0-002
Question #: 129
Topic #: 1
[All CS0-002 Questions]

A routine vulnerability scan detected a known vulnerability in a critical enterprise web application. Which of the following would be the BEST next step?

  • A. Submit a change request to have the system patched.
  • B. Evaluate the risk and criticality to determine if further action is necessary.
  • C. Notify a manager of the breach and initiate emergency procedures.
  • D. Remove the application from production and inform the users.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
skibby16
3 months, 3 weeks ago
Selected Answer: B
Before taking any immediate actions, it's essential to evaluate the risk and criticality of the known vulnerability. This involves assessing the potential impact on the organization, understanding the exploitability of the vulnerability, and considering the business context. Based on this evaluation, the organization can make informed decisions about the urgency and appropriate response, whether it involves immediate patching, implementing compensating controls, or planning a more comprehensive remediation strategy. Simply patching without understanding the risk may lead to unintended consequences or unnecessary disruptions.
upvoted 1 times
...
uday1985
6 months, 2 weeks ago
Known Vuln = Known impact, risk and consequences ! So patch it! Again dumb question! However, in real life! there is always testing the patch ! it might break things in the site
upvoted 2 times
Chilaqui1es
5 months ago
Known = There is a patch for it / missing patch Critical System means act asap
upvoted 2 times
...
...
buchhe
7 months, 2 weeks ago
Selected Answer: A
It is a known vulnerability on the company's web application.... which implies the possible accessible to and from the world. I think some of you voted for B are overthinking of the issue. It needs to initiate change management....
upvoted 1 times
...
SimonR2
11 months ago
A "vulnerability" was found in a "critical system". From that information we have no way of knowing if the vulnerability is even relevant or how serious it is. This is why the analyst must determine the severity of the vulnerability and it's relevance. Like for example in my company we have an internal load balancer which is currently outdated an running on an old software version. We can see the vulnerabilities but since the load balancer is only internally accessible it's not necessary for us to patch it. Therefore we ignore those particular vulnerabilities it finds. Definitely B
upvoted 3 times
novolyus
4 months ago
"Critical enterprise web application" remove all that you have explained in the second part of your comment. Web access and critical. You should patch it through change management procedure.
upvoted 1 times
...
...
cyberrae
11 months ago
Selected Answer: A
From the study guide practice questions and this exam dump - whenever compita has an question about an critical vulnerability - the answer is always to remove the critical vulnerability (I know in the real world - we verify beforehand)
upvoted 1 times
...
AaronS1990
1 year, 1 month ago
I have to agree with J0n45. I too thought B but question 215 makes me think A
upvoted 2 times
...
absabs
1 year, 1 month ago
Selected Answer: B
You must verify that web application accessible for wild life. I going with B. My opinion; concept of A is more narrow than B
upvoted 1 times
...
j0n45
1 year, 2 months ago
Hello everyone, I see all comments are choosing B and everything that's written makes sense. However I have a question; QUESTION 215 in this dump says: The analyst immediately deploys a critical security patch. and the ANSWER to that question was: A Known exploit was discovered. Then given the above, why would choose B over A, if we use the same logic in the 2 questions? I mean both are mentioning a known vulnerability/exploit was discovered.. I will monitor that question for an answer until the next 7 days (day of the exam), appreciate your feedback profs.
upvoted 3 times
2Fish
1 year ago
I think the difference here was or is, in this question, it mentions it is a "known vulnerability" in a Critical system. In question 215 from you description, is mentions a critical security patch. This question does not mention there was a critical exploit found. I see what your saying though
upvoted 3 times
...
...
gwanedm
1 year, 3 months ago
Selected Answer: B
Any time you have a vulnerability show up on a scan result it has to be verified
upvoted 1 times
...
jchutch2
1 year, 5 months ago
Selected Answer: B
B You don't just blindly have a critical system patched without evaluating the risk, not only of the vulnerability but also of installing the patch. Patches ROUTINELY bring down critical services.
upvoted 2 times
...
Treymb6
1 year, 5 months ago
Selected Answer: B
There is such a thing as risk acceptance. Since it is a critical application, you definitely want to make sure even NEED to mess with it first.
upvoted 3 times
...
tehge
1 year, 6 months ago
Selected Answer: B
the keyword is "a known vulnerability" which mean you need to re evaluate the vulnerability to know if there would be any impact
upvoted 3 times
...
Adrian831
1 year, 6 months ago
Selected Answer: B
Going with B also
upvoted 1 times
...
sh4dali
1 year, 6 months ago
Selected Answer: A
A is correct.
upvoted 2 times
...
marc4354345
1 year, 6 months ago
Selected Answer: B
B makes more sense. Always start by understanding what is the risk and possible impact.
upvoted 2 times
sh4dali
1 year, 6 months ago
Not really. It already said critical patch is missing.
upvoted 1 times
Maverick713
1 year, 6 months ago
Actually it doesn't. It says a critical system, not a critical vulnerability. I thought A at first also but re-reading the question I am leaning with B.
upvoted 2 times
Big_Dre
7 months, 1 week ago
it also says a known vulnerability. if its know, there is no need to investigate more move on to patching. i stand with A
upvoted 2 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...