CompTIA CySA+ (CS0-001) — Question 121

A logistics company's vulnerability scan identifies the following vulnerabilities on Internet-facing devices in the DMZ:
✑ SQL injection on an infrequently used web server that provides files to vendors
✑ SSL/TLS not used for a website that contains promotional information
The scan also shows the following vulnerabilities on internal resources:
✑ Microsoft Office Remote Code Execution on test server for a human resources system
✑ TLS downgrade vulnerability on a server in a development network
In order of risk, which of the following should be patched FIRST?

Answer options

Correct answer: A

Explanation

The Microsoft Office Remote Code Execution vulnerability carries the highest potential impact of the four findings: an attacker who exploits it can run arbitrary code on the server and use that host as a foothold into the internal network, so it is ranked first even though it sits on an internal test system. The SQL injection on the DMZ file server is the next most serious item, since it is Internet-facing and could expose or alter the files served to vendors. The missing TLS on the promotional website and the TLS downgrade on the development server are confidentiality weaknesses on low-value or isolated systems and rank lowest. This ordering weights impact above exposure. A practitioner should note the trade-off: a risk model that weights exposure more heavily would put the Internet-facing SQL injection first, and Office RCE flaws typically require a user on the test server to open a crafted document, which lowers their likelihood relative to a web flaw reachable by anyone.
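To make the impact-versus-exposure trade-off concrete, here is a small scoring model over the four findings. This is an added example, not part of the original question or CompTIA's marking scheme; the 1-5 impact, exposure and asset-value scores and the weights are assumptions chosen for illustration, not output from any scanner or a CVSS formula.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    name: str
    impact: int       # 1-5, 5 = arbitrary code execution on the host
    exposure: int     # 1-5, 5 = reachable from the Internet, 1 = isolated dev network
    asset_value: int  # 1-5, 5 = production system holding sensitive data


# Constructed scores for the four findings in the question (assumed values,
# not scanner output). Exposure reflects DMZ vs. internal placement; asset
# value reflects test/dev vs. vendor-facing systems.
FINDINGS = (
    Finding("SQLi on DMZ vendor file server",        impact=4, exposure=5, asset_value=3),
    Finding("No SSL/TLS on DMZ promotional site",    impact=1, exposure=5, asset_value=1),
    Finding("Office RCE on internal HR test server", impact=5, exposure=2, asset_value=2),
    Finding("TLS downgrade on dev-network server",   impact=2, exposure=1, asset_value=1),
)


def risk_score(f: Finding, w_impact: int = 1, w_exposure: int = 1, w_asset: int = 1) -> int:
    """Weighted sum of the three factors. Raising w_impact reproduces the
    'impact dominates' reasoning used in the explanation above."""
    return f.impact * w_impact + f.exposure * w_exposure + f.asset_value * w_asset


def patch_order(findings=FINDINGS, **weights) -> list:
    """Return finding names from highest to lowest risk under the given weights."""
    ranked = sorted(findings, key=lambda f: risk_score(f, **weights), reverse=True)
    return [f.name for f in ranked]


if __name__ == "__main__":
    print("Impact-weighted (w_impact=5):", patch_order(w_impact=5))
    print("Equal weights:               ", patch_order())
```

With impact weighted five times as heavily as exposure and asset value, the Office RCE scores 29 against 28 for the SQL injection and comes out first, matching the explanation; with equal weights the Internet-facing SQL injection leads at 12 against 9. The model is deliberately simple, but the lesson carries over to real prioritization: the "correct" patch order is a function of the weights your risk model assigns, so state them explicitly rather than arguing from a single factor.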