CompTIA CySA+ (CS0-002) — Question 221
A security analyst recently implemented a new vulnerability scanning platform. The initial scan of 438 hosts found the following vulnerabilities:
• 210 critical
• 1,854 high
• 1,786 medium
• 48 low
The analyst is unsure how to handle such a large-scale remediation effort. Which of the following would be the next logical step?
Answer options
- A. Identify the assets with a high value and remediate all vulnerabilities on those hosts.
- B. Perform remediation activities for all critical and high vulnerabilities first.
- C. Perform a risk calculation to determine the probability and magnitude of exposure.
- D. Identify the vulnerabilities that affect the most systems and remediate them first.
Correct answer: C
Explanation
The correct answer is C because a risk calculation lets the analyst judge which vulnerabilities pose the greatest threat, based on their likelihood of exploitation and their potential impact. Options A, B, and D each prioritize on a single factor (asset value, scanner severity rating, or prevalence across hosts), so none of them accounts for overall risk, which is what effective remediation prioritization requires.
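As an added example (not part of the exam item or any CompTIA material), the following Python ranks a few constructed findings by likelihood times magnitude and contrasts that order with a severity-only ordering (option B). The integer weights, the host names and their attributes are assumptions of the example, not a standard scale.

```python
from dataclasses import dataclass

# Technical severity from the scanner, as reported on the page's scale.
SEVERITY_WEIGHT = {"critical": 4, "high": 3, "medium": 2, "low": 1}


@dataclass
class Finding:
    host: str
    severity: str
    exploit_available: bool   # public exploit exists -> higher likelihood
    internet_facing: bool     # reachable from outside -> higher likelihood
    asset_value: int          # business value of the host, 1 (low) .. 5 (critical)


def likelihood(f: Finding) -> int:
    """Probability-of-exploitation factor, 1..5 (assumed weighting)."""
    score = 1
    if f.exploit_available:
        score += 2
    if f.internet_facing:
        score += 2
    return score


def magnitude(f: Finding) -> int:
    """Impact factor: technical severity scaled by the asset's business value."""
    return SEVERITY_WEIGHT[f.severity] * f.asset_value


def risk(f: Finding) -> int:
    """Risk = probability x magnitude of exposure, as option C describes."""
    return likelihood(f) * magnitude(f)


def prioritize(findings):
    """Option C: remediate in descending order of calculated risk."""
    return sorted(findings, key=risk, reverse=True)


def severity_first(findings):
    """Option B: order by scanner severity alone (stable sort keeps ties in input order)."""
    return sorted(findings, key=lambda f: SEVERITY_WEIGHT[f.severity], reverse=True)


# Constructed sample findings (hypothetical hosts, not from the scan on the page).
SAMPLE = [
    Finding("db-prod-01", "high", True, True, 5),       # exposed, valuable, exploit public
    Finding("lab-vm-07", "critical", False, False, 1),  # critical, but isolated low-value lab box
    Finding("web-02", "medium", True, True, 4),         # medium finding on an exposed web host
    Finding("hr-file-01", "critical", False, False, 4), # critical on an internal file server
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f"{risk(f):3d}  {f.severity:8s} {f.host}")
```

Run stand-alone, the risk-based order puts the "high" on db-prod-01 first and the "critical" on the isolated lab VM last, whereas severity-first ordering would start with the two criticals.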