🔥 3-day streak
CompTIA Security+ (SY0-701)16 / 77
Question 16 of 77
A security analyst is reviewing vulnerability scan results for the company's environment. Two findings must be prioritized for remediation: Finding 1 has a CVSS base score of 9.8 but affects an isolated internal test server with no network access to production. Finding 2 has a CVSS base score of 7.5 and affects a customer-facing web server that processes payment data. Company risk tolerance is low, and PCI DSS compliance is required. Which finding should the analyst remediate first, and why?
Reviewed for accuracy · Report an issueNext question →