A penetration tester finished a security scan and uncovered numerous vulnerabilities on several hosts. Based on the targets' EPSS and CVSS scores, which of the following targets is the most likely to get attacked?
EPSS (Exploit Prediction Scoring System) indicates the likelihood of exploitation.
CVSS (Common Vulnerability Scoring System) represents the severity of the vulnerability.
Rationale:
Target 1 has the highest EPSS score (0.6) combined with a moderately high CVSS score (4), making it the most likely to be attacked.
Other options either have lower EPSS or CVSS scores, reducing their likelihood of being exploited.
CompTIA Pentest+ References:
Domain 2.0 (Information Gathering and Vulnerability Identification)
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit