CompTIA CySA+ CS0-003 Practice Question

You are managing a bug bounty program for a financial services institution. A researcher submits a report detailing a vulnerability that allows unauthorized access to customer accounts by exploiting an insecure API endpoint. What is the first recommended action you should take in handling this report?

  • Publicly disclose the issue to alert customers.

  • Inform the researcher that you will get back to them after further assessment.

  • Validate the vulnerability to confirm if it is legitimate.

  • Reward the researcher for identifying the vulnerability.

CompTIA CySA+ CS0-003
Vulnerability Management
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot