ExamTopics Logo
Mail Usteam@examtopics.com
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 103 discussion

Actual exam question from CompTIA's CS0-003
Question #: 103
Topic #: 1
[All CS0-003 Questions]

An end-of-life date was announced for a widely used OS. A business-critical function is performed by some machinery that is controlled by a PC, which is utilizing the OS that is approaching the end-of-life date. Which of the following best describes a security analyst’s concern?

  • A. Any discovered vulnerabilities will not be remediated.
  • B. An outage of machinery would cost the organization money.
  • C. Support will not be available for the critical machinery.
  • D. There are no compensating controls in place for the OS.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Community vote distribution
A (92%)
8%
by kmordalv at Aug. 30, 2023, 3:03 p.m.

Comments

Chosen Answer:
This is a voting comment. You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
[Removed]
Highly Voted 9 months, 3 weeks ago
Selected Answer: A
A) vulnerabilities will not be remediated. From the Sybex 003 study guide: /// End-of- Life or Outdated Components /// Software vendors eventually discontinue support for every product they make. This is true for operating systems as well as applications. Once they announce the final end of support for a product, organizations that continue running the outdated software put themselves at a significant risk of attack. The vendor simply will not investigate or correct security flaws that arise in the product after that date. Organizations continuing to run the unsupported product are on their own from a security perspective, and unless you happen to maintain a team of operating system developers, that’s not a good situation to find yourself in.
upvoted 6 times
...
glenndexter
Highly Voted 4 months, 3 weeks ago
The best description of a security analyst's concern in this scenario is: A. Any discovered vulnerabilities will not be remediated. As an operating system reaches its end-of-life date, the vendor typically stops providing security updates and patches for known vulnerabilities. This leaves systems running on the outdated OS exposed to potential security risks. Without the ability to receive patches, any vulnerabilities discovered in the OS after the end-of-life date will remain unaddressed, increasing the risk of exploitation by malicious actors. This concern highlights the importance of migrating critical systems to supported and up-to-date platforms to mitigate security risks. While options B, C, and D may also be concerns for the organization, the primary focus of a security analyst is typically on mitigating security risks, making option A the best choice.
upvoted 5 times
...
leesuh
Most Recent 1 week, 2 days ago
Selected Answer: C
Why is C not an option?
upvoted 1 times
...
Rezaee
8 months, 1 week ago
Selected Answer: A
A. Any discovered vulnerabilities will not be remediated.
upvoted 3 times
...
kmordalv
1 year ago
Selected Answer: A
Correct As the OS that controls the business-critical machinery is approaching its end-of-life date, it means that the OS will no longer receive updates and security patches from the vendor. This leaves the OS and the machinery susceptible to potential security breaches and attacks that could exploit these unpatched vulnerabilities.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
AI-900
Sydney, 1 minute ago