Exam CS0-003 topic 1 question 1 discussion

Has anyone taken the exam recently ?

Going for A here, reasons being following (Put ** around the secrtions in the text): Vector - Network (Not Asked about) Complexity - Low (Not Asked about) Privileges Required - None (A recent zero-day vulnerability is being actively exploited, requires no user interaction or **privilege escalation**) User interaction - None (A recent zero-day vulnerability is being actively exploited, **requires no user interaction** or privilege escalation) Scope -Unchanged (Not Asked about) Confidentiality - High (has a significant impact to **confidentiality** and integrity but not to availability) Integrity - K ? - Typo Perhaps? Availability - Low (has a significant impact to confidentiality and integrity but not to **availability**)

I pass my brothers and systers with this exam, but many question doesn't is here. You need Study more. The BBQ show the way, but the way change in all time, because the question changes in every moment, but this exam is very very good for you.

A Other options include incorrect values for Attack Vector, Privileges Required, or the Impact metrics, making A the best fit.

I took my exam today and passed with a score of 821! Many of the questions here appeared on the exam exactly as they were. There were 69 questions in total, including 3 PBQs. One PBQ involved ping and nmap commands, while the other PBQs were new but straightforward to understand and answer.

I just cleared my exam yesterday and I should say that only 30% from this dump came out. I had 5 PBQs and only the Cyber Kill chain from this dump was on the PBQ section. I had 71 Questions and the first 40 questions are new. Btw I passed with 797 score.

No privilege is squired. Option B has privilege that makes it completely wrong. Now option A should have had I:H but it is I:K. The impact is not high, but at least not low, but it should be high. I now believe A is the best choice ignore by B selection earlier.

Correct answer is A as the UI (User Interaction) criteria specifies N for none.

K is not a possilbe value, yet it appears in A and B H is not a possible value for UI, yet it appears in C R is not a possible value for PR, yet it appears in D So every statement contains invalid outputs. The statement tells us the following are true. Therefore, A is the most correct answer. PR=N UI=N C=H I=H A=/=H

K is typo, it's H.

Answer is B. Significant impact to C and I (confidentially and integrity) so both should be high. But in A option only C was high while I was K , not H. But overall the choices looked screwed. CompTIA exam writers are something in the making

For the given scenario of a recent zero-day vulnerability that is actively exploited, requires no user interaction or privilege escalation, and has a significant impact on confidentiality and integrity but not on availability, the most accurate CVE metrics would be: B. CVSS:31/AV:K/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L

Correct "The attack vector is network (AV:N), the attack complexity is low (AC:L), no privileges are required (PR:N), no user interaction is required (UI:N), the scope is unchanged (S:U), the confidentiality and integrity impacts are high (C:H/I:H), and the availability impact is low (A:L).