nerdexam
EC-Council

312-50V10 · Question #760

Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

The correct answer is C. Use a scan tool like Nessus. Discovering vulnerabilities on a Windows system requires an active scanning tool that probes the live host for known weaknesses, missing patches, and misconfigurations.

Vulnerability Analysis

Question

Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Options

  • ACreate a disk image of a clean Windows installation
  • BUse the built-in Windows Update tool
  • CUse a scan tool like Nessus
  • DCheck MITRE.org for the latest of CVE findings

How the community answered

(59 responses)
  • A
    2% (1)
  • B
    3% (2)
  • C
    93% (55)
  • D
    2% (1)

Why each option

Discovering vulnerabilities on a Windows system requires an active scanning tool that probes the live host for known weaknesses, missing patches, and misconfigurations.

ACreate a disk image of a clean Windows installation

Creating a disk image is a forensic or backup operation that captures system state but does not identify or enumerate vulnerabilities on a running host.

BUse the built-in Windows Update tool

Windows Update applies patches to close known vulnerabilities but does not scan for, report on, or enumerate existing vulnerabilities and misconfigurations.

CUse a scan tool like NessusCorrect

Nessus is an industry-standard vulnerability scanner that performs authenticated or unauthenticated scans against Windows hosts, enumerating known CVEs, missing patches, and misconfigurations with severity-ranked results. Unlike passive references or OS-level update tools, it actively interrogates the live system. This makes it the appropriate choice for a technician-level vulnerability assessment.

DCheck MITRE.org for the latest of CVE findings

MITRE CVE is a reference database of publicly disclosed vulnerabilities - it is a lookup resource, not a tool that actively tests or scans a live system.

Concept tested: Active vulnerability scanning using Nessus on Windows

Source: https://docs.tenable.com/nessus/Content/GettingStarted.htm

Topics

#Nessus#vulnerability scanning#Windows assessment#scan tools

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice