🔥 3-day streak
CompTIA PenTest+ (PT0-003)22 / 175
Question 22 of 175
During an internal assessment, your vulnerability scanner returns two CVSS 9.8 findings: (1) an unauthenticated RCE on a lab print server that has no network route to production and stores no data, and (2) an unauthenticated RCE on a domain controller that hosts Active Directory for the entire organization. Both have public, weaponized exploits. Your remediation report must prioritize the findings. Which approach correctly reflects vulnerability prioritization for this engagement?
Reviewed for accuracy · Report an issueNext question