New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA SY0-701 Exam - Topic 1 Question 1 Discussion

Actual exam question for CompTIA's SY0-701 exam
Question #: 1
Topic #: 1
[All SY0-701 Questions]

Which of the following is used to quantitatively measure the criticality of a vulnerability?

Show Suggested Answer Hide Answer
Suggested Answer: B

CVSS stands for Common Vulnerability Scoring System, which is a framework that provides a standardized way to assess and communicate the severity and risk of vulnerabilities. CVSS uses a set of metrics and formulas to calculate a numerical score ranging from 0 to 10, where higher scores indicate higher criticality. CVSS can help organizations prioritize remediation efforts and compare vulnerabilities across different systems and vendors.The other options are not used to measure the criticality of a vulnerability, but rather to identify, classify, or report them.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 39


by Mattie at Dec 25, 2023, 12:03 AM

Limited Time Offer

25%

Off

Get Premium SY0-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Izetta
3 months ago
I’m surprised CVSS is the answer, I always thought it was more complex!
upvoted 0 times
...
Chauncey
3 months ago
CIA is more about confidentiality, integrity, and availability, not vulnerabilities.
upvoted 0 times
...
Tatum
3 months ago
Wait, I thought CVE was the main one for this?
upvoted 0 times
...
Mica
4 months ago
Totally agree, CVSS is super important!
upvoted 0 times
...
Sommer
4 months ago
CVSS is the standard for measuring vulnerability severity.
upvoted 0 times
...
Dannie
4 months ago
I’m leaning towards CVSS too, but I keep mixing it up with CIA and CERT.
upvoted 0 times
...
Olga
4 months ago
I feel like I’ve seen practice questions where CVSS was the answer for measuring vulnerability severity.
upvoted 0 times
...
Tammy
4 months ago
I remember studying CVE and CVSS, but I’m confused about which one actually quantifies the criticality.
upvoted 0 times
...
Aleta
5 months ago
I think CVSS is the one used for measuring vulnerability criticality, but I’m not entirely sure.
upvoted 0 times
...
Yuki
5 months ago
This seems like a straightforward question. CVSS is the industry standard for quantifying vulnerability severity, so that's the answer I'm going with.
upvoted 0 times
...
Ulysses
5 months ago
I'm a bit confused on the difference between CVE, CVSS, CIA, and CERT. I'll have to review my notes to make sure I understand the right framework for measuring vulnerability criticality.
upvoted 0 times
...
Belen
5 months ago
Okay, let me think this through. CVSS seems like the most likely answer since it's a numerical scoring system for assessing vulnerability risk. I'll go with that.
upvoted 0 times
...
Rory
5 months ago
Hmm, I'm not totally sure about this one. I know CVE is a database of known vulnerabilities, but I'm not sure if that's used to quantify criticality.
upvoted 0 times
...
Sheldon
5 months ago
I'm pretty sure the answer is CVSS, that's the standard metric for measuring vulnerability severity.
upvoted 0 times
...
Gearldine
5 months ago
Hmm, this one seems tricky. I'll need to think carefully about the differences between those two wildcards.
upvoted 0 times
...
Dong
5 months ago
I've worked with ITSM tools before, so I think I can narrow this down pretty quickly. Time to put that experience to use!
upvoted 0 times
...
Carma
2 years ago
Haha, good one Edelmira. CVE is about as useful as a CERT at a wedding, am I right? CVSS is definitely the answer here.
upvoted 0 times
...
Edelmira
2 years ago
Yeah, CVSS is the way to go. I remember learning about it in my security training. It's a lot more reliable than something like CVE, which is just a vulnerability identifier, not a measure of severity.
upvoted 0 times
...
Blondell
2 years ago
I agree with Rashad. CVSS is definitely the way to go. It takes into account factors like exploitability and impact to give you a clear, numerical score for the criticality of a vulnerability.
upvoted 0 times
...
Rashad
2 years ago
Hmm, this question is a tricky one. I'm pretty sure the answer is B) CVSS, or the Common Vulnerability Scoring System. It's the industry standard for quantifying the severity of a vulnerability.
upvoted 0 times
Cristy
2 years ago
Yes, that's correct. B) CVSS is the right answer.
upvoted 0 times
...
Tess
2 years ago
Got it, thanks for explaining. So, the answer is B) CVSS then?
upvoted 0 times
...
Rosalyn
2 years ago
CVSS stands for Common Vulnerability Scoring System. It's used to measure the criticality of a vulnerability quantitatively.
upvoted 0 times
...
Chara
2 years ago
Oh, really? I wasn't sure about that. What does CVSS stand for?
upvoted 0 times
...
Vernell
2 years ago
No, it's not A) CVE. I believe the correct answer is B) CVSS.
upvoted 0 times
...
Viva
2 years ago
I think the answer is A) CVE.
upvoted 0 times
...
...

Save Cancel