🔥 3-day streak
CompTIA CySA+ (CS0-003)10 / 147
Question 10 of 147
A CySA+ analyst is reviewing a vulnerability assessment report and notices that one finding has a CVSS v3.1 vector string ending in the metric 'S:C'. The vendor advisory describes a flaw in a hypervisor component that allows a compromised guest virtual machine to affect the underlying host and other guests. When explaining the risk to management, which statement about the Scope (S) metric being set to 'Changed' is most accurate?
Reviewed for accuracy · Report an issueNext question