Free Top CompTIA Pentest+ PT0-003 Actual Exam Questions - Question 6 Discussion
Question No. 6
[Attacks and Exploits]
A penetration tester finishes a security scan and uncovers numerous vulnerabilities on several hosts.
Based on the targets' EPSS (Exploit Prediction Scoring System) and CVSS (Common Vulnerability
Scoring System) scores, which of the following targets is the most likely to get attacked?
A penetration tester finishes a security scan and uncovers numerous vulnerabilities on several hosts.
Based on the targets' EPSS (Exploit Prediction Scoring System) and CVSS (Common Vulnerability
Scoring System) scores, which of the following targets is the most likely to get attacked?
Select one option, then reveal solution.
US
AV
Amit V.
2026-01-28
A/D? A has the highest EPSS, meaning attackers are more likely to try it, but D’s CVSS is higher, so the impact is worse if exploited. Attackers might prefer A for ease or D for damage.
0
MW
Mason W.
2026-01-17
Option D seems better because even though its EPSS score is lower than A’s, the CVSS score is higher, meaning the vulnerability is more severe. Attackers usually aim for vulnerabilities that are both likely to be exploited and have a high impact. So, having a higher CVSS with a decent EPSS might make Target 4 more attractive than Target 1.
0
AV
Ali V.
2026-01-15
A vs D, going with A.
0