CompTIA CASP+ (CAS-004) — Question 176

A security analyst runs a vulnerability scan on a network administrator's workstation. The network administrator has direct administrative access to the company’s SSO web portal. The vulnerability scan uncovers critical vulnerabilities with equally high CVSS scores for the user's browser, OS, email client, and an offline password manager. Which of the following should the security analyst patch FIRST?

Answer options

• A. Email client
• B. Password manager
• C. Browser
• D. OS

Correct answer: C

Explanation

The browser should be patched first because it is the primary interface for accessing the SSO web portal, making it a critical attack vector. While the OS and other applications are important, vulnerabilities in the browser can lead to immediate exposure to threats, especially when accessing sensitive systems.