I am taking the Cybrary CompTIA PenTest+ training and I am trying to complete section 4.2. None of the answers that I put in for question 3 are accepted and I don’t understand why. My own understanding and based on the material in the course, it should cvss or cvss scores. I can’t complete this section without the answer and don’t understand why this isn’t correct. The question: Risk prioritization is often based on a ____________ framework to categorize vulnerabilities according to their severity.
I am having the same problem with section 4.4. Can anyone help!!!?
You are on the right track with your understanding. The question is about how risk prioritization is done, and the correct answer is indeed based on the CVSS, the Common Vulnerability Scoring System. The CVSS framework helps organizations categorize and prioritize vulnerabilities according to their severity scores (ranging from 0.0 to 10.0). It’s a global standard used in almost every security assessment process, including those covered in the CompTIA PenTest+ course.
If the Cybrary quiz isn’t accepting “CVSS” or “CVSS scores,” try typing the full name “Common Vulnerability Scoring System”. Sometimes their quiz modules are case-sensitive or need the expanded term to mark it correct.
When I was preparing for my CompTIA PenTest+ exam, I ran into similar confusion with a few questions. What really helped me was practicing with [ADVERT REMOVED]. Their questions often highlight tricky phrasing like this and explain why one format of the answer might not be accepted.