312-50V10 · Question #458
Craig received a report of all the computers on the network that showed all the missing patches and weak passwords. What type of software generated this report?
The correct answer is B. a vulnerability scanner. A vulnerability scanner is the tool that identifies security weaknesses such as missing patches and weak passwords across networked systems.
Question
Craig received a report of all the computers on the network that showed all the missing patches and weak passwords. What type of software generated this report?
Options
- Aa port scanner
- Ba vulnerability scanner
- Ca virus scanner
- Da malware scanner
How the community answered
(34 responses)- A3% (1)
- B85% (29)
- C3% (1)
- D9% (3)
Why each option
A vulnerability scanner is the tool that identifies security weaknesses such as missing patches and weak passwords across networked systems.
A port scanner only identifies which network ports are open on a host, not missing patches or weak passwords.
A vulnerability scanner actively probes networked systems to detect known security weaknesses, including missing OS and application patches, misconfigured services, and weak or default passwords, then generates detailed reports for remediation. Tools like Nessus, OpenVAS, and Qualys are examples of vulnerability scanners that produce exactly this type of comprehensive security posture report.
A virus scanner detects known malware signatures on a system and does not assess patch levels or password strength.
A malware scanner identifies malicious software, not configuration weaknesses like missing patches or weak credentials.
Concept tested: Vulnerability scanner capabilities and use cases
Source: https://csrc.nist.gov/publications/detail/sp/800-115/final
Topics
Community Discussion
No community discussion yet for this question.