CS0-003 Vulnerability Management • Set 7
CS0-003 Vulnerability Management Practice Test 7 — 15 questions with explanations. Free, no signup.
A security analyst reviews a vulnerability scan report and identifies a critical vulnerability with a CVSS v3.1 base score of 9.8. The attack vector is 'Network', attack complexity is 'Low', privileges required is 'None', user interaction is 'None', scope is 'Unchanged', and all three CIA impacts are 'High'. Which additional factor should the analyst prioritize when deciding whether to apply a patch or a compensating control?