CompTIA Exam CS0-003 Topic 3 Question 42 Discussion

Actual exam question for CompTIA's CS0-003 exam

Question #: 42
Topic #: 3

A security analyst is improving an organization's vulnerability management program. The analyst cross-checks the current reports with the system's infrastructure teams, but the reports do not accurately reflect the current patching levels. Which of the following will most likely correct the report errors?

AUpdating the engine of the vulnerability scanning tool

BInstalling patches through a centralized system

CConfiguring vulnerability scans to be credentialed

DResetting the scanning tool's plug-ins to default

Show Suggested Answer

Suggested Answer: C

Credentialed vulnerability scans allow the scanner to log into systems and retrieve accurate information about installed patches and configurations. If the reports do not reflect current patching levels, it is likely that the scan is being performed without credentials, leading to incomplete or inaccurate results.

Option A (Updating the scanning engine) ensures the tool has the latest detection capabilities but does not directly affect scan accuracy for missing patches.

Option B (Centralized patching) helps maintain consistency but does not correct reporting errors.

Option D (Resetting plug-ins) may be useful if plug-ins are outdated, but the primary issue is lack of privileged access during scanning.

Thus, C is the correct answer, as credentialed scans provide more accurate vulnerability assessments.

by Royal at Apr 04, 2025, 12:08 AM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF