New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA CAS-005 Exam - Topic 3 Question 20 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 20
Topic #: 3
[All CAS-005 Questions]

[Security Architecture]

A security analyst is using data provided from a recent penetration test to calculate CVSS scores to prioritize remediation. Which of the following metric groups would the analyst need to determine to get the overall scores? (Select three).

Show Suggested Answer Hide Answer
Suggested Answer: A, E, F

The Common Vulnerability Scoring System (CVSS) v3.1 uses three metric groups to calculate overall scores:Base,Temporal, andEnvironmental.

Base (E):Mandatory metrics assessing exploitability (e.g., attack vector) and impact (confidentiality, integrity, availability).

Temporal (A):Optional metrics reflecting the current state of the vulnerability (e.g., exploit availability, remediation level).

Environmental (F):Optional metrics tailoring the score to the organization's context (e.g., security requirements).

B, C, D (Availability, Integrity, Confidentiality):These are subcomponents of the Base Impact metrics, not standalone groups.

G (Impact):A categorywithin Base, not a group.

H (Attack vector):A single Base metric, not a group.


by Nu at Nov 19, 2025, 01:33 PM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Gail
18 hours ago
Wait, are you sure about Environmental? Seems less important.
upvoted 0 times
...
Dana
6 days ago
Totally agree, those are the key ones!
upvoted 0 times
...
Paulina
11 days ago
You need the Base, Temporal, and Environmental metrics.
upvoted 0 times
...
Chauncey
16 days ago
Ah, the age-old question of CVSS metrics. I'll just consult my trusty cybersecurity crystal ball.
upvoted 0 times
...
Jannette
21 days ago
I'm just here for the free snacks. What do these CVSS things have to do with my love of cookies?
upvoted 0 times
...
Fidelia
27 days ago
I heard the correct answer is Attack Vector, Attack Complexity, and Privileges Required. Nailed it!
upvoted 0 times
...
Lavina
1 month ago
Don't forget the Scope and User Interaction factors. Gotta have a complete picture for those CVSS scores!
upvoted 0 times
...
Precious
1 month ago
Definitely need to look at the Confidentiality, Integrity, and Availability impact as well. Can't forget those key metrics!
upvoted 0 times
...
Annice
1 month ago
The analyst would need to determine the Attack Vector, Attack Complexity, and Privileges Required to get the overall CVSS scores.
upvoted 0 times
...
Janet
2 months ago
I’m pretty confident that Base metrics are essential, but I’m a bit confused about whether we need Temporal or Environmental for the overall score.
upvoted 0 times
...
Franklyn
2 months ago
Got it, the three metric groups are base, temporal, and environmental. That makes sense to get the full picture for prioritizing remediation. I feel pretty confident I can answer this question now.
upvoted 0 times
...
Brittni
2 months ago
Okay, for CVSS scoring, we need to consider the base metrics, which cover the vulnerability characteristics. Then there are the temporal metrics for the current state of the vulnerability, and the environmental metrics for the specific organization.
upvoted 0 times
...
Janet
2 months ago
I remember practicing a question about CVSS scores, and I think the Base metrics are definitely one of them. Not sure about the other two though.
upvoted 0 times
...
Lisha
3 months ago
I feel like Temporal metrics might be important for understanding how quickly a vulnerability can be exploited, but I can't recall the third one.
upvoted 0 times
...
Devora
3 months ago
I think we need to look at the Base, Temporal, and Environmental metrics, but I'm not entirely sure if Environmental is always necessary.
upvoted 0 times
...
Claribel
3 months ago
Hmm, I'm a bit unsure about this. I know CVSS has different metric groups, but I can't remember which ones exactly. I'll have to review my notes.
upvoted 0 times
...
Laurel
3 months ago
I think I know this one. We need to look at the base, temporal, and environmental metric groups to calculate the overall CVSS score.
upvoted 0 times
Roxane
2 months ago
Base metrics are definitely the starting point!
upvoted 0 times
...
Fannie
2 months ago
I agree, those three groups are essential for the CVSS score.
upvoted 0 times
...
...

Save Cancel