Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA CS0-003 Exam - Topic 1 Question 18 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 18
Topic #: 1
[All CS0-003 Questions]

An analyst is evaluating a vulnerability management dashboard. The analyst sees that a previously remediated vulnerability has reappeared on a database server. Which of the following is the most likely cause?

Show Suggested Answer Hide Answer
Suggested Answer: B

The security analyst is validating a Local File Inclusion (LFI) vulnerability, as indicated by the ''/.../.../.../'' in the GET request which is a common indicator of directory traversal attempts associated with LFI. The other options are not relevant for this purpose: SQL injection involves injecting malicious SQL statements into a database query; XSS involves injecting malicious scripts into a web page; CSRF involves tricking a user into performing an unwanted action on a web application.


According to the CompTIA CySA+ Study Guide: Exam CS0-003, 3rd Edition1, one of the objectives for the exam is to ''use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities''. The book also covers the usage and syntax of Burp Suite, a tool used for testing web application security, in chapter 6. Specifically, it explains the meaning and function of each component in Burp Suite, such as Repeater, which allows the security analyst to modify and resend individual requests1, page 239. Therefore, this is a reliable source to verify the answer to the question.

by Breana at Apr 29, 2024, 09:40 AM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Mira
4 months ago
Wait, how can a remediated vuln just pop back up? Sounds sketchy!
upvoted 0 times
...
Gearldine
5 months ago
I agree, a rollback makes the most sense here.
upvoted 0 times
...
Vallie
5 months ago
Definitely could be a scanner issue if no creds were used.
upvoted 0 times
...
Phil
5 months ago
I think it's more likely a false positive.
upvoted 0 times
...
Carla
5 months ago
Probably a rollback happened, that's common.
upvoted 0 times
...
Stephaine
6 months ago
Updating the software sounds important, but I don't recall it being a common reason for vulnerabilities to reappear.
upvoted 0 times
...
Gennie
6 months ago
I wonder if the scanner being configured without credentials could be the issue. I feel like we touched on that in our last review session.
upvoted 0 times
...
Dominga
6 months ago
I think a rollback could definitely cause a vulnerability to reappear. We practiced a similar question about that.
upvoted 0 times
...
Jettie
6 months ago
I remember discussing false positives in class, but I'm not sure if that's the case here. It seems too specific.
upvoted 0 times
...
Ashlyn
6 months ago
Alright, time to put on my detective hat. I'll need to consider all the options, but a rollback or scanner config issue seem like the best bets.
upvoted 0 times
...
Gilbert
6 months ago
I've seen this kind of thing happen before. My money's on a rollback - that's probably the most likely explanation here.
upvoted 0 times
...
Wei
6 months ago
I'm a bit confused on this one. Could the vulnerability management software being out of date also cause the vulnerability to reappear?
upvoted 0 times
...
Alba
6 months ago
Hmm, this is a tricky one. I'll need to think through the possible causes carefully.
upvoted 0 times
...
Leota
6 months ago
Okay, let's see. A false positive seems unlikely since it was previously remediated. I'm leaning towards a rollback or an issue with the scanner configuration.
upvoted 0 times
...
Kaitlyn
6 months ago
Okay, let me think this through. We want to replace all occurrences of 'bob' with 'Bob' and print the result to standard output. I believe the correct answer is B, sed's/bob/Bob/g' data.
upvoted 0 times
...
Jutta
6 months ago
Okay, I've got this. SGLT2 inhibitors work in the kidney to block glucose reabsorption, so that's an easy one. I'll also select that along with any other classes I'm confident about.
upvoted 0 times
...
Marcos
11 months ago
I heard the analyst was actually a cat in a lab coat. No wonder they're confused!
upvoted 0 times
...
Jennifer
11 months ago
I bet the database server is running Windows 95. No wonder the vulnerability keeps coming back!
upvoted 0 times
Tequila
9 months ago
D) The vulnerability management software needs to be updated.
upvoted 0 times
...
Dominque
10 months ago
C) The vulnerability scanner was configured without credentials.
upvoted 0 times
...
Reita
10 months ago
B) A rollback had been executed on the instance.
upvoted 0 times
...
Ettie
10 months ago
A) The finding is a false positive and should be ignored.
upvoted 0 times
...
...
Lonny
11 months ago
The vulnerability management software needs an update? What is this, 1999? Clearly, it's a rollback situation.
upvoted 0 times
...
Earlean
11 months ago
Hold up, a false positive? Really? That's just lazy analysis. B is the way to go here.
upvoted 0 times
Denny
10 months ago
A) The finding is a false positive and should be ignored.
upvoted 0 times
...
Annelle
10 months ago
B) A rollback had been executed on the instance.
upvoted 0 times
...
Magdalene
10 months ago
C) The vulnerability scanner was configured without credentials.
upvoted 0 times
...
Hillary
10 months ago
A) The finding is a false positive and should be ignored.
upvoted 0 times
...
Corazon
11 months ago
B) A rollback had been executed on the instance.
upvoted 0 times
...
...
Aliza
12 months ago
Hmm, I was leaning towards C, but B makes a lot of sense too. A rollback would definitely explain the reappearance of the vulnerability.
upvoted 0 times
Edna
11 months ago
It's possible, but I still think B is the most likely cause in this situation.
upvoted 0 times
...
Serina
11 months ago
But what about C? Could the vulnerability scanner being configured without credentials also be a factor?
upvoted 0 times
...
Bobbye
11 months ago
I agree, a rollback seems like a plausible explanation for the reappearance of the vulnerability.
upvoted 0 times
...
Sina
11 months ago
I think B is the most likely cause. A rollback could have brought back the vulnerability.
upvoted 0 times
...
...
Reita
12 months ago
I'm pretty sure it's B. A rollback can definitely undo the remediation efforts and bring back the vulnerability.
upvoted 0 times
Lelia
11 months ago
It's possible. But it could also be that the vulnerability scanner was not configured properly.
upvoted 0 times
...
Misty
11 months ago
I think you might be right. A rollback could have caused the vulnerability to reappear.
upvoted 0 times
...
...
Benedict
1 year ago
I think it could also be a false positive and should be ignored.
upvoted 0 times
...
Shannon
1 year ago
I disagree, I believe the vulnerability management software needs to be updated.
upvoted 0 times
...
Norah
1 year ago
I think the most likely cause is that the vulnerability scanner was configured without credentials.
upvoted 0 times
...

Save Cancel