🔥 3-day streak
CompTIA PenTest+ (PT0-003)100 / 175
Question 100 of 175

During an internal network assessment, you produce four validated findings: (1) an unauthenticated remote code execution vulnerability on an isolated lab host with no network route to production, (2) a stored XSS on the internal HR portal used by 400 employees, (3) a plaintext credential set found in a world-readable file share that includes a domain administrator password, and (4) a missing HTTP security header on a public marketing site. Management asks you to rank the single finding that should be remediated first based on realistic exploitability and business impact. Which finding do you place at the top?

Reviewed for accuracy · Report an issueNext question