CompTIA Security+ (SY0-701) — Question 496

Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?

Answer options

• A. The contents of environmental variables could affect the scope and impact of an exploited vulnerability.
• B. In-memory environmental variable values can be overwritten and used by attackers to insert malicious code.
• C. Environmental variables define cryptographic standards for the system and could create vulnerabilities if deprecated algorithms are used.
• D. Environmental variables will determine when updates are run and could mitigate the likelihood of vulnerability exploitation.

Correct answer: A

Explanation

Option A is correct because the values of environmental variables can influence how a vulnerability is exploited and its overall severity. The other options, while discussing important aspects of environmental variables, do not directly address the primary concern related to their contents impacting vulnerability exploitation.