23.2.7 Check Your Understanding – Identify CVSS Metrics Answers

1. Which CVSS metric captures the level of access that is required for a successful exploit of the vulnerability?

  • Attack complexity
  • Attack vector
  • Privileges required
  • Scope
  • User interaction

Explanation: Privileges required captures the level of access that is required for a successful exploit of the vulnerability.

2. Which CVSS metric expresses the number of components, software, hardware, or networks, that are beyond the attacker’s control and that must be present for a vulnerability to be successfully exploited?

  • Attack complexity
  • Attack vector
  • Privileges required
  • Scope
  • User interaction

Explanation: Attack complexity expresses the number of components, software, hardware, or networks, that are beyond the attacker’s control and that must be present for a vulnerability to be successfully exploited.

3. Which CVSS metric expresses whether multiple authorities must be involved in an exploit?

  • Attack complexity
  • Attack vector
  • Privileges required
  • Scope
  • User interaction

Explanation: Scope expresses whether multiple authorities must be involved in an exploit.

4. Which CVSS metric reflects the proximity of the threat actor to the vulnerable component?

  • Attack complexity
  • Attack vector
  • Privileges required
  • Scope
  • User interaction

Explanation: Attack vector reflects the proximity of the threat actor to the vulnerable component.

5. Which CVSS metric expresses whether human action is required for the exploit to succeed?

  • Attack complexity
  • Attack vector
  • Privileges required
  • Scope
  • User interaction

Explanation: User interaction expresses whether human action is required for the exploit to succeed.


guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x