1. Which CVSS metric captures the level of access that is required for a successful exploit of the vulnerability?
- Attack complexity
- Attack vector
- Privileges required
- Scope
- User interaction
Explanation: Privileges required captures the level of access that is required for a successful exploit of the vulnerability.
2. Which CVSS metric expresses the number of components, software, hardware, or networks, that are beyond the attacker’s control and that must be present for a vulnerability to be successfully exploited?
- Attack complexity
- Attack vector
- Privileges required
- Scope
- User interaction
Explanation: Attack complexity expresses the number of components, software, hardware, or networks, that are beyond the attacker’s control and that must be present for a vulnerability to be successfully exploited.
3. Which CVSS metric expresses whether multiple authorities must be involved in an exploit?
- Attack complexity
- Attack vector
- Privileges required
- Scope
- User interaction
Explanation: Scope expresses whether multiple authorities must be involved in an exploit.
4. Which CVSS metric reflects the proximity of the threat actor to the vulnerable component?
- Attack complexity
- Attack vector
- Privileges required
- Scope
- User interaction
Explanation: Attack vector reflects the proximity of the threat actor to the vulnerable component.
5. Which CVSS metric expresses whether human action is required for the exploit to succeed?
- Attack complexity
- Attack vector
- Privileges required
- Scope
- User interaction
Explanation: User interaction expresses whether human action is required for the exploit to succeed.