Exam CAS-005 Topic 2 Question 112 Discussion
Actual exam question for CompTIA's CAS-005 exam
Question #: 112
Topic #: 2
Question #: 112
Topic #: 2
A company's security policy states that any publicly available server must be patched within 12 hours after a patch is released A recent llS zero-day vulnerability was discovered that affects all versions of the Windows Server OS:
Which of the following hosts should a security analyst patch first once a patch is available?
Which of the following hosts should a security analyst patch first once a patch is available?
Suggested Answer: A Vote an answer
Based on the security policy that any publicly available server must be patched within 12 hours after a patch is released, the securityanalyst should patch Host 1 first. Here's why:
Public Availability: Host 1 is externally available, making it accessible from the internet. Publicly available servers are at higher risk of being targeted by attackers, especially when a zero-day vulnerability is known.
Exposure to Threats: Host 1 has IIS installed and is publicly accessible, increasing its exposure to potential exploitation. Patching this host first reduces the risk of a successful attack.
Prioritization of Critical Assets: According to best practices, assets that are exposed to higher risks should be prioritized for patching to mitigate potential threats promptly.
Reference:
CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl
NIST Special Publication 800-40: Guide toEnterprise Patch Management Technologies CIS Controls: Control 3 - Continuous Vulnerability Management
Public Availability: Host 1 is externally available, making it accessible from the internet. Publicly available servers are at higher risk of being targeted by attackers, especially when a zero-day vulnerability is known.
Exposure to Threats: Host 1 has IIS installed and is publicly accessible, increasing its exposure to potential exploitation. Patching this host first reduces the risk of a successful attack.
Prioritization of Critical Assets: According to best practices, assets that are exposed to higher risks should be prioritized for patching to mitigate potential threats promptly.
Reference:
CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl
NIST Special Publication 800-40: Guide toEnterprise Patch Management Technologies CIS Controls: Control 3 - Continuous Vulnerability Management
by Elroy at Mar 19, 2026, 10:17 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).