CompTIA CySA+ CS0-003 Practice Question

During a routine vulnerability assessment, a scanner reports a high-severity flaw on a networked server indicating weak authentication allowing potential unauthorized access. Further manual verification reveals that the server is configured with a public-key infrastructure for all user access, negating the use of passwords. How should this finding from the vulnerability scanner be classified?

  • It indicates a need for reconfiguration of the scanning tool to avoid such high-severity, misleading alerts in the future.

  • The report should be considered a true positive, implying an immediate requirement for security enhancement on the server.

  • This is a false positive as the existing strong authentication mechanism is not taken into account by the automated scan.

  • This finding is accurate and points to an actual vulnerability because the scanner identified it as high-severity, regardless of the authentication method in place.

CompTIA CySA+ CS0-003
Vulnerability Management