ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A security team is adding a high-severity vulnerability discovered by Amazon Inspector to the organization's risk register. The finding references CVE-2023-12345 and shows a CVSS v3.1 Base score of 9.8 (Critical). To help executives quickly compare this item with other risks and decide on treatment priority, which single piece of information is most important to record in the new register entry?
The name of the scanning tool (Amazon Inspector) that generated the finding.
The AWS account ID where the affected Amazon ECS cluster is deployed.
The CVSS v3.1 Base score that quantifies the vulnerability's severity.
The date on which the vulnerable container image was last rebuilt.
Risk registers are decision tools; they need concise, quantitative data that lets stakeholders compare one risk with another. The CVSS Base score already combines exploitability and impact metrics into a universally understood 0-10 rating. Recording that score in the register gives leadership an immediate sense of the vulnerability's relative severity, enabling rapid prioritization. The AWS account ID, tool name, and last image rebuild date may aid investigation or housekeeping, but they contribute little to risk quantification and do not directly support ranking decisions.