CompTIA CySA+ (CS0-003) — Question 122

An analyst is evaluating a vulnerability management dashboard. The analyst sees that a previously remediated vulnerability has reappeared on a database server. Which of the following is the most likely cause?

Answer options

• A. The finding is a false positive and should be ignored.
• B. A rollback had been executed on the instance.
• C. The vulnerability scanner was configured without credentials.
• D. The vulnerability management software needs to be updated.

Correct answer: B

Explanation

The correct answer is B because a rollback can restore the vulnerable state of the database server, reinstating previously mitigated vulnerabilities. Answer A is incorrect since false positives would not cause a real vulnerability to reappear. Option C is not applicable here as credentials are not relevant if a legitimate rollback occurred. Lastly, option D does not address the specific situation of a reappeared vulnerability after remediation.