CompTIA CySA+ (CS0-001) — Question 11

An alert has been distributed throughout the information security community regarding a critical Apache vulnerability. Which of the following courses of action would ONLY identify the known vulnerability?

Answer options

• A. Perform an unauthenticated vulnerability scan on all servers in the environment.
• B. Perform a scan for the specific vulnerability on all web servers.
• C. Perform a web vulnerability scan on all servers in the environment.
• D. Perform an authenticated scan on all web servers in the environment.

Correct answer: B

Explanation

Option B is correct because it targets the specific vulnerability, ensuring it is identified. Options A and C may miss the specific vulnerability since they are broader scans, and Option D, while thorough, does not focus solely on the known vulnerability.