CompTIA CySA+ (CS0-002) — Question 161

A cybersecurity analyst is reading a daily intelligence digest of new vulnerabilities. The type of vulnerability that should be disseminated FIRST is one that:

Answer options

• A. enables remote code execution that is being exploited in the wild.
• B. enables data leakage but is not known to be in the environment.
• C. enables lateral movement and was reported as a proof of concept.
• D. affected the organization in the past but was probably contained and eradicated.

Correct answer: A

Explanation

The correct answer is A because vulnerabilities that enable remote code execution and are actively being exploited pose an immediate threat to systems and require urgent attention. Options B, C, and D represent vulnerabilities that either are not currently being exploited, have uncertain implications, or relate to past incidents that may not present an immediate risk.