🔥 3-day streak
CompTIA CySA+ (CS0-003)118 / 147
Question 118 of 147
A vulnerability analyst reviews a scan report for an internet-facing web server. Three findings are listed: (1) a medium-severity information disclosure flaw exposing internal directory paths, (2) a low-severity outdated TLS cipher suite, and (3) a medium-severity local file inclusion (LFI) vulnerability. Individually, none is rated critical, but the analyst notes that the disclosed paths could reveal the location of writable directories that the LFI could target. Considering these findings together, what should the analyst do first?
Reviewed for accuracy · Report an issueNext question