CompTIA CySA+ (CS0-003) — Question 69
During a scan of a web server in the perimeter network, a vulnerability was identified that could be exploited over port 3389. The web server is protected by a WAF. Which of the following best represents the change to overall risk associated with this vulnerability?
Answer options
- A. The risk would not change because network firewalls are in use
- B. The risk would decrease because RDP is blocked by the firewall
- C. The risk would decrease because a web application firewall is in place
- D. The risk would increase because the host is external facing
Correct answer: D
Explanation
The correct answer is D: because the host is external-facing, it is more exposed to potential threats, which makes the vulnerability more significant. Options A and B incorrectly assume that firewalls provide complete protection. Option C mistakenly suggests that the web application firewall mitigates the risk associated with RDP vulnerabilities; a WAF filters HTTP/HTTPS traffic to the web application and does not inspect RDP traffic on port 3389.