CompTIA CS0-003 Exam - Topic 2 Question 54 Discussion

Actual exam question for CompTIA's CS0-003 exam

Question #: 54
Topic #: 2

During a training exercise, a security analyst must determine the vulnerabilities to prioritize. The analyst reviews the following vulnerability scan output:

Which of the following issues should the analyst address first?

AAllows anonymous read access to /etc/passwd

BAllows anonymous read access via any FTP connection

CMicrosoft Defender security definition updates disabled

Dless command allows for escape exploit via terminal

Show Suggested Answer

Suggested Answer: A

Allowing anonymous read access to /etc/passwd is a critical vulnerability because it can expose user account details, aiding attackers in password cracking and privilege escalation.

Option B (Anonymous FTP access) is a risk, but /etc/passwd exposure is more critical as it directly affects user authentication.

Option C (Defender updates disabled) is important, but it does not present an immediate attack vector like credential exposure.

Option D (less escape exploit) is significant, but it requires user interaction, making it less immediate than a global credential leak.

Thus, A is the correct answer, as it represents an immediate, high-impact security risk.

by Pearlene at Mar 05, 2026, 05:33 PM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!