312-50V10 · Question #702
To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following too
The correct answer is D. Vulnerability scanner. A vulnerability scanner is the correct tool for security compliance audits because it systematically tests systems against known security weaknesses and policy baselines.
Question
To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such an audit?
Options
- AProtocol analyzer
- BIntrusion Detection System
- CPort scanner
- DVulnerability scanner
How the community answered
(27 responses)- A7% (2)
- C4% (1)
- D89% (24)
Why each option
A vulnerability scanner is the correct tool for security compliance audits because it systematically tests systems against known security weaknesses and policy baselines.
A protocol analyzer (packet sniffer) captures and decodes network traffic for troubleshooting or forensics but does not assess system configuration or compliance posture.
An Intrusion Detection System (IDS) monitors live network traffic or host activity for signs of active attacks but does not audit systems for configuration compliance with security policies.
A port scanner identifies which network ports are open on a system, providing only a partial view of the attack surface without assessing configuration, patch levels, or policy compliance.
Vulnerability scanners enumerate systems on a network, probe them for known misconfigurations, missing patches, weak settings, and policy violations, then produce reports mapping findings to compliance frameworks. This makes them purpose-built for auditing whether systems meet defined security policies and regulatory requirements such as PCI-DSS, HIPAA, or CIS benchmarks.
Concept tested: Vulnerability scanning for security policy compliance auditing
Source: https://www.nist.gov/publications/technical-guide-information-security-testing-and-assessment
Topics
Community Discussion
No community discussion yet for this question.