CompTIA CySA+ (CS0-003) — Question 121

A SOC manager is establishing a reporting process to manage vulnerabilities. Which of the following would be the best solution to identify potential loss incurred by an issue?

Answer options

• A. Trends
• B. Risk score
• C. Mitigation
• D. Prioritization

Correct answer: B

Explanation

The correct answer is B, as a risk score quantifies the potential impact of vulnerabilities, allowing for a clearer assessment of potential losses. Options A (Trends) and D (Prioritization) focus on observing patterns or ordering issues but do not directly assess financial impact. Option C (Mitigation) is about reducing risks rather than identifying potential losses.