CompTIA A+ Core 2 (220-1102) — Question 116

A Chief Executive Officer has learned that an exploit has been identified on the web server software, and a patch is not available yet. Which of the following attacks MOST likely occurred?

Answer options

• A. Brute force
• B. Zero day
• C. Denial of service
• D. On-path

Correct answer: B

Explanation

A Zero day attack occurs when a vulnerability is exploited before the vendor releases a patch. Since the CEO has identified an exploit with no available patch, it indicates that the attack is exploiting a previously unknown vulnerability, characteristic of a zero day. The other options, such as brute force, denial of service, and on-path, do not specifically relate to the scenario of an unpatched web server vulnerability.