Which metric in the CVSS Base Metric Group is used with an attack vector?
- the determination whether the initial authority changes to a second authority during the exploit
- the presence or absence of the requirement for user interaction in order for an exploit to be successful
- the proximity of the threat actor to the vulnerability
- the number of components, software, hardware, or networks, that are beyond the control of the attacker and that must be present in order for a vulnerability to be successfully exploited
Explanation: The attack vector is one of several metrics defined in the Common Vulnerability Scoring System (CVSS) Base Metric Group Exploitability metrics. The attack vector is how close the threat actor is to the vulnerable component. The farther away the threat actor is to the component, the higher the severity because threat actors close to the network are easier to detect and mitigate.
Exam with this question: CCNA SECOPS 210-255 Dumps – Certification Practice Exam Answers
Exam with this question: CyberOps Associate Final Exam Answers
Exam with this question: CyberOps Associate (Version 1.0) - CyberOps Associate (200-201) Certification Practice Exam
Exam with this question: Cyber Threat Management - 4.4.2 Endpoint Vulnerability Quiz
Exam with this question: Cyber Threat Management: My Knowledge Check Answers