Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA CS0-003 Exam - Topic 2 Question 59 Discussion

A cryptocurrency service company is primarily concerned with ensuring the accuracy of the data on one of its systems. A security analyst has been tasked with prioritizing vulnerabilities for remediation for the system. The analyst will use the following CVSSv3.1 impact metrics for prioritization:Which of the following vulnerabilities should be prioritized for remediation?
B) 2
A) 1
C) 3
D) 4

CompTIA CS0-003 Exam - Topic 2 Question 59 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 59
Topic #: 2
[All CS0-003 Questions]

A cryptocurrency service company is primarily concerned with ensuring the accuracy of the data on one of its systems. A security analyst has been tasked with prioritizing vulnerabilities for remediation for the system. The analyst will use the following CVSSv3.1 impact metrics for prioritization:

Which of the following vulnerabilities should be prioritized for remediation?

Show Suggested Answer Hide Answer
Suggested Answer: B

Vulnerability 2 has the highest impact metrics, specifically the highest attack vector (AV) and attack complexity (AC) values. This means that the vulnerability is more likely to be exploited and more difficult to remediate.


CVSS v3.1 Specification Document, section 2.1.1 and 2.1.2

The CVSS v3 Vulnerability Scoring System, section 3.1 and 3.2

Contribute your Thoughts:

0/2000 characters
Dierdre
2 days ago
I feel like I need to double-check how the impact metrics work. I think the environmental metrics might also play a role, but I'm not completely confident about that.
upvoted 0 times
...
Tarra
7 days ago
I think we practiced a similar question where we had to choose between different CVSS scores. If I recall correctly, the higher the score, the more urgent the remediation, right?
upvoted 0 times
...
Fanny
12 days ago
I remember we discussed how CVSS scores can really help in prioritizing vulnerabilities, but I'm not entirely sure which score is the most critical here.
upvoted 0 times
...

Save Cancel