اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

السؤال 176 من 1040

كل الأسئلة

تنبيه مهم

هذه الصفحة مخصصة للأرشفة وظهور السؤال في نتائج البحث فقط، وليست التجربة الفعلية للاختبار.

A security analyst is analyzing two vulnerabilities on a critical router. The analyst must choose only one to patch during this maintenance window. Given the following information:

Vulnerability 1 has not received a CVSS score. The vulnerability has the following characteristics:

Must be logged in to the router, but elevated privileges are not required.

Trivial to exploit, but user interaction is needed.

Low impact to availability, but high impact to confidentiality and integrity.

Vulnerability 2 has a CVSS score of AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H.

Which of the following conclusions should the analyst reach?

A Patch Vulnerability 1 because it has a higher overall impact when looking at confidentiality, integrity, and availability, and it requires lower privileges.
B Patch Vulnerability 1 because it is easier to exploit and has a higher impact on confidentiality.
C Patch Vulnerability 2 because it has a higher overall impact when looking at confidentiality, integrity, and availability, and it can be exploited by a privileged user.
D Patch Vulnerability 2 because it is easier to exploit, has a high impact on availability, and it is more likely to be exploited remotely.

السؤال السابق

السؤال التالي

لا توجد نقاشات منشورة لهذا السؤال حالياً.