A vulnerability scan shows the following vulnerabilities in the environment: At the same time, the...

CompTIA CS0-003 Question Answer

A vulnerability scan shows the following vulnerabilities in the environment:

At the same time, the following security advisory was released:

" A zero-day vulnerability with a CVSS score of 10 may be affecting your web server. The vendor is working on a patch or workaround. "

Which of the following actions should the security analyst take first?

Contact the web systems administrator and request that they shut down the asset.

Monitor the patch releases for all items and escalate patching to the appropriate team.

Run the vulnerability scan again to verify the presence of the critical finding and the zero-day vulnerability in the environment.

Forward the advisory to the web security team and initiate the prioritization strategy for the other vulnerabilities.

Explanation:

In this scenario, the security analyst is presented with multiple vulnerabilities, including a critical zero-day vulnerability affecting the web server with a CVSS score of 10. The CVSS (Common Vulnerability Scoring System) provides a standardized method for rating IT vulnerabilities, with a score of 10 indicating the highest severity.

Option A:Contact the web systems administrator and request that they shut down the asset.

Correct Choice:Given the critical nature of a zero-day vulnerability with a CVSS score of 10, immediate action is warranted to prevent potential exploitation. Shutting down the affected web server reduces the attack surface and mitigates the risk until a patch or workaround is available. This aligns with incident response best practices, where containment is a priority to prevent further damage.

Option B:Monitor the patch releases for all items and escalate patching to the appropriate team.

Incorrect Choice:While monitoring for patches is essential, it is a reactive approach. In the case of a zero-day vulnerability with active exploitation potential, waiting for a patch without implementing immediate protective measures exposes the organization to significant risk.

Option C:Run the vulnerability scan again to verify the presence of the critical finding and the zero-day vulnerability in the environment.

Incorrect Choice:Re-scanning may confirm the vulnerability ' s presence but does not address the immediate threat. Action to mitigate the risk should take precedence over verification, especially when the vulnerability is known and critical.

Option D:Forward the advisory to the web security team and initiate the prioritization strategy for the other vulnerabilities.

Incorrect Choice:Communicating with the web security team is important; however, in the face of a critical zero-day vulnerability, immediate action (such as shutting down the affected asset) is necessary before addressing other vulnerabilities.

[Reference:, CompTIA CySA+ CS0-003 Exam Objective 3.2: "Given a scenario, perform incident response activities." This includes containment strategies to address active threats effectively., , ]

CompTIA CS0-003 View All Questions

CompTIA CS0-003 Summary

Vendor: CompTIA
Product: CS0-003
Update on: May 14, 2026
Questions: 482

Price: $52.5 ~~$149.99~~

Buy Now CS0-003 PDF + Testing Engine Pack

Which of the following should be updated after a lessons-learned review?

Which of the following best describes root cause analysis?

Pre-Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A vulnerability scan shows the following vulnerabilities in the environment: At the same time, the...

The Answer Is:

Explanation:

CompTIA CS0-003 Summary

Payments We Accept

Contact Us