CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During a routine vulnerability assessment, a scanner reports a high-severity flaw on a networked server indicating weak authentication allowing potential unauthorized access. Further manual verification reveals that the server is configured with a public-key infrastructure for all user access, negating the use of passwords. How should this finding from the vulnerability scanner be classified?

  • It indicates a need for reconfiguration of the scanning tool to avoid such high-severity, misleading alerts in the future.

  • This finding is accurate and points to an actual vulnerability because the scanner identified it as high-severity, regardless of the authentication method in place.

  • This is a false positive as the existing strong authentication mechanism is not taken into account by the automated scan.

  • The report should be considered a true positive, implying an immediate requirement for security enhancement on the server.

Subscribe to avoid duplicate questions and track your progress over time

Your Score:
Vulnerability Management
Security Operations
Incident Response and Management
Reporting and Communication
CompTIA CySA+ CS0-003
  • Security Operations
  • Vulnerability Management
    • This question is filed here
  • Incident Response and Management
  • Reporting and Communication