What are the three impact metrics contained in the CVSS 3.0 Base Metric Group? (Choose three.)
- attack vector
- availability
- confidentiality
- exploit
- integrity
- remediation level
| Answers Explanation & Hints:
The Common Vulnerability Scoring System (CVSS) is a vendor-neutral, industry standard, open framework for weighing the risks of a vulnerability using a variety of metrics. CVSS uses three groups of metrics to assess vulnerability, the Base Metric Group, Temporal Metric Group, and Environmental Metric Group. The Base Metric Group has two classes of metrics (exploitability and impact). The impact metrics are rooted in the following areas: confidentiality, integrity, and availability. |