CompTIA CySA+ (CS0-001) — Question 8

A system administrator recently deployed and verified the installation of a critical patch issued by the company's primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?

Answer options

• A. The administrator entered the wrong IP range for the assessment.
• B. The administrator did not wait long enough after applying the patch to run the assessment.
• C. The patch did not remediate the vulnerability.
• D. The vulnerability assessment returned false positives.

Correct answer: C

Explanation

The correct answer is C because if the patch was intended to fix the vulnerability but did not, the systems would still report the issue. Option A can be ruled out as it concerns the assessment process rather than patch effectiveness. Option B is also not valid since patches typically take effect immediately, and waiting longer would not alter the vulnerability status. Option D is incorrect because if all systems report the vulnerability, it suggests a systemic failure rather than isolated false positives.