A vulnerability scanner generates the following output:
The company has an SLA for patching that requires time frames to be met for high-risk vulnerabilities. Which of the following should the analyst prioritize first for remediation?
The Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities should be prioritized first for remediation. This vulnerability has a CVSS score of 10, classifying it as 'Critical'. Such high-risk vulnerabilities should always be prioritized for patching, even if they have resurfaced, because they pose the greatest potential threat to the system. Additionally, the resurfaced status and the fact that it was identified only 4 days ago indicate it is a recent and serious concern.
The only vulnerability with a (high) rating in the provided list is the Redis Vulnerability. CVSS Scores: None 0.0, Low 0.1 - 3.9, Medium 4.0 - 6.9, High 7.0 - 8.9, Critical 9.0 - 10.0. Another trick question by CompTIA. In the real world there would be an SLA for Critical as well if there is one for High. I am not 100% sure but I am going with C on this one as it's my 6th CompTIA test.
Agreed, you would remediate the highest active risk before you look at something that has resurfaced. Although the age of the resurfaced vulnerability is higher, it can be a false positive due to the scanner not applying the exception after this vulnerability has already been patched or mitigated with a compensating control.
According to CVSS, vulnerabilities are classified as follows: none (0.0), low (0.1-3.9), medium (4.0-6.9), high (7.0-8.9), critical (9.0-10.0). If the company has an SLA for patching that requires time frames to be met for high-risk vulnerabilities, that means the Redis vulnerability will be covered, so it would not be a vulnerability that the analyst should be concerned about. It seems that the SLA does not cover Extremely High Risk (critical) vulnerabilities. Yes I know, it is a little hard to believe, but you have to think about what CompTIA wants us to think with the question. Since this is a resurfaced vulnerability and given the number of days, the analyst should analyze whether this is a patched vulnerability or, on the contrary, a new vulnerability that has been found.
From the output, the Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities has the highest CVSS score of 10, which classifies it as a critical vulnerability. Given its high risk and the fact that it is a recent vulnerability (only 4 days old), this should be prioritized first for remediation.
When prioritizing patching activities, it's generally recommended to address active vulnerabilities first. Active vulnerabilities are those that are currently being exploited or have a higher likelihood of being exploited in the near future. By patching active vulnerabilities promptly, you can mitigate the immediate risk of a successful attack and protect your systems from known threats. Resurfaced vulnerabilities, on the other hand, may have been patched in the past but have reappeared due to various reasons such as system changes, updates, or configuration issues. While resurfaced vulnerabilities should not be ignored, they may not pose an immediate threat if they are not actively being exploited at the moment.
CVSS 10 is a big deal. It also resurfaced, is newer, and has a higher CVSS score than Redis, which has been active for a long time now, but no indication of a successful exploit.
C. Redis Server. The fact that they mention the time SLA and it has been active for 43 days.
I believe it's an SLA question rather than CVSS score. From experience, our SLA for critical and high severity patches is within 30 days, therefore in this sense I vote C. But there is no timeframe mentioned here so it's just an assumption.
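The thread disagrees about whether the analyst should rank by CVSS severity or by SLA deadline. The following script is an added example, not part of the original discussion, that makes both policies explicit so the difference is visible: it maps CVSS base scores to the qualitative bands quoted above, computes days remaining in an SLA window, and ranks the same findings both ways. The SLA windows (30 days for critical and high, as one commenter describes their own SLA) and the Redis score of 7.5 (the scanner output only says "high") are constructed assumptions; the third finding is filler to show what happens to a finding the SLA does not cover.

```python
from dataclasses import dataclass
from typing import List, Optional

# CVSS v3.x qualitative severity bands, as quoted in the thread.
SEVERITY_BANDS = (
    ("none", 0.0, 0.0),
    ("low", 0.1, 3.9),
    ("medium", 4.0, 6.9),
    ("high", 7.0, 8.9),
    ("critical", 9.0, 10.0),
)

# Assumed SLA windows in days. One commenter quotes 30 days for both critical
# and high; "high-risk" is read here as covering both bands (assumption).
SLA_DAYS = {"critical": 30, "high": 30}


def cvss_severity(score: float) -> str:
    """Map a CVSS base score to its qualitative band (scores carry one decimal)."""
    score = round(score, 1)
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    for name, low, high in SEVERITY_BANDS:
        if low <= score <= high:
            return name
    raise ValueError(f"no severity band for score {score}")


@dataclass(frozen=True)
class Finding:
    name: str
    cvss: float
    age_days: int
    status: str  # "active" or "resurfaced", as the scanner reports it

    @property
    def severity(self) -> str:
        return cvss_severity(self.cvss)

    def sla_days_remaining(self) -> Optional[int]:
        """Days left in the SLA window; negative means overdue; None if not covered."""
        window = SLA_DAYS.get(self.severity)
        if window is None:
            return None
        return window - self.age_days

    def needs_false_positive_review(self) -> bool:
        """A resurfaced finding may be a stale exception rather than a real regression."""
        return self.status == "resurfaced"


def rank_by_severity(findings: List[Finding]) -> List[Finding]:
    """Highest CVSS first; among equal scores, the older finding first."""
    return sorted(findings, key=lambda f: (-f.cvss, -f.age_days))


def rank_by_sla(findings: List[Finding]) -> List[Finding]:
    """SLA-covered findings first, most overdue first, then by CVSS; uncovered last."""
    def key(f: Finding):
        remaining = f.sla_days_remaining()
        covered = remaining is not None
        return (not covered, remaining if covered else 0, -f.cvss)
    return sorted(findings, key=key)


# Constructed sample modelled on the two line items the thread discusses.
SAMPLE = [
    Finding("Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities", 10.0, 4, "resurfaced"),
    Finding("Redis Server", 7.5, 43, "active"),          # 7.5 is assumed; page only says "high"
    Finding("Example medium finding (filler)", 5.3, 60, "active"),
]

if __name__ == "__main__":
    for label, ranked in (("by severity", rank_by_severity(SAMPLE)),
                          ("by SLA deadline", rank_by_sla(SAMPLE))):
        print(f"Ranking {label}:")
        for f in ranked:
            rem = f.sla_days_remaining()
            sla = "not covered" if rem is None else f"{rem:+d} days to SLA"
            flag = " (review: resurfaced)" if f.needs_false_positive_review() else ""
            print(f"  {f.severity:8} {f.cvss:4} {sla:20} {f.name}{flag}")
```

Under the severity policy the Oracle Java finding comes first; under the SLA policy the Redis finding, already 13 days past a 30-day window, comes first. Which policy applies is exactly what a written patching SLA has to settle.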
Because CVSS is 10
High-severity vulnerabilities (especially those with a CVSS score of 10) are often easier to exploit and might already have exploits available in the wild. Attackers can leverage these vulnerabilities to gain privileged access or control over affected systems quickly. While the server has an active vulnerability, the lower CVSS score suggests it may be less likely to be exploited or might have mitigating factors that reduce its immediate impact.
I go with A
It would be madness not to go for Oracle JDK. I know this is CompTIA and we can argue about how they worded it; however, their exams are not simple right/wrong answers and work on a scale, so even there Oracle will at least be awarded some points. Either way, in the real world it is obvious to remediate the Oracle JDK server first.
I think the "high-risk" in the question does not explicitly mean only "high" severity vulnerabilities, but in general the vulnerabilities which have higher risk, meaning the high and critical ones. Also, there is no severity "high-risk", just high. And there are time frameS mentioned for high-risk vulnerabilities. Not one time frame. So I would understand that for critical there is one, and for high another time frame? Because of that I would vote for answer A (CVSS is 10 and resurfaced 4 days ago).
CVSS is 10 so answer is A
Oracle JDK
Age: 4 days, CVSS of 10. What do you mean, option C? It's A, no questions asked.
I'd say C as it's the only active vulnerability.
I think this is a curveball question to look at more than just the vulnerability metrics. For the Redis line item, the CVE states that password authentication is ineffective, meaning it's exploitable when only using a password 1FA, and by the nature of the exploit itself it is a higher priority than the rest.