CompTIA Security+ (SY0-701) — Question 306

Which of the following is a risk of conducting a vulnerability assessment?

Answer options

• A. A disruption of business operations
• B. Unauthorized access to the system
• C. Reports of false positives
• D. Finding security gaps in the system

Correct answer: A

Explanation

The correct answer is A, as conducting a vulnerability assessment can lead to interruptions in business operations due to system scanning or testing activities. Options B and C, while they represent concerns, are not direct risks of the assessment process itself, and D is an expected outcome that highlights security issues rather than a risk.