🔥 3-day streak
CompTIA CySA+ (CS0-003)71 / 147
Question 71 of 147
A retail organization's monthly vulnerability scan flags several findings across its environment. The security manager must decide which to remediate first. The affected systems include: (1) an internal HR workstation with a medium-severity local privilege escalation flaw, (2) a public-facing e-commerce web server in the cardholder data environment (CDE) with a medium-severity TLS misconfiguration, (3) a development server with a critical remote code execution flaw that is isolated on an air-gapped test network, and (4) a marketing kiosk with a low-severity outdated browser plugin. Which finding should be remediated first?
Reviewed for accuracy · Report an issueNext question