CompTIA CySA+ (CS0-001) — Question 215
A recent vulnerability scan found four vulnerabilities on an organization's public Internet-facing IP addresses. Prioritizing in order to reduce the risk of a breach to the organization, which of the following should be remediated FIRST?
Answer options
- A. A cipher that is known to be cryptographically weak.
- B. A website using a self-signed SSL certificate.
- C. A buffer overflow that allows remote code execution.
- D. An HTTP response that reveals an internal IP address.
Correct answer: C
Explanation
The correct answer is C. A buffer overflow that allows remote code execution poses a significant risk, potentially giving attackers full control over the system. The other options are also vulnerabilities, but they do not present the same immediate threat of complete system compromise.