🔥 3-day streak
CompTIA CySA+ (CS0-003)128 / 147
Question 128 of 147

A CySA+ analyst reviews a vulnerability scan report for a fleet of Apache HTTP servers. The scanner flags CVE-2021-44790 (mod_lua buffer overflow) as critical on all 40 hosts. During validation, the analyst confirms that mod_lua is not compiled into or loaded on any of these servers. The scanner detected the vulnerability solely by matching the reported Apache version banner. What is the MOST accurate conclusion and appropriate next step?

Reviewed for accuracy · Report an issueNext question