CompTIA CySA+ (CS0-001) — Question 12

An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability scan has been performed, and analysts are reviewing the results. Before starting any remediation, the analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would be an indicator of a likely false positive?

Answer options

• A. Reports show the scanner compliance plug-in is out-of-date.
• B. Any items labeled "˜low' are considered informational only.
• C. The scan result version is different from the automated asset inventory.
• D. "˜HTTPS' entries indicate the web page is encrypted securely.

Correct answer: B

Explanation

Option B is correct because items labeled 'low' are generally considered informational and may not represent real vulnerabilities, indicating a higher chance of being false positives. Options A and C relate to the validity of the scanning process but do not directly indicate a false positive. Option D is a valid indication of secure encryption, not a false positive.