hiexam
comptia · CS0-003 · Q426 · multiple_choice · topic_1

A company receives a penetration test report summary from a third party. The report summary indicates a proxy has some…

A company receives a penetration test report summary from a third party. The report summary indicates a proxy has some patches that need to be applied. The proxy is sitting in a rack and is not being used, as the company has replaced it with a new one. The CVE score of the vulnerability on the proxy is a 9.8. Which of the following best practices should the company follow with this proxy?
  • A.Leave the proxy as is.
  • B.Decomission the proxy.
  • C.Migrate the proxy to the cloud.
  • D.Patch the proxy.
Explanation
Selected Answer: B Correct Since the proxy is not in use and has a critical vulnerability with a high CVSS score, the best course of action is to decommission the proxy. Patching the proxy might be an option if it were actively being used and could not be replaced, but since a new proxy is already in place, decommissioning is the most appropriate action.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing