EC-Council
312-50V10 · Question #797
312-50V10 Question #797: Real Exam Question with Answer & Explanation
The correct answer is B: A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a. A penetration test goes beyond identifying vulnerabilities by actively exploiting them to demonstrate real-world impact, whereas a vulnerability scan only identifies and reports potential weaknesses.
Question
Why is a penetration test considered to be more thorough than vulnerability scan?
Options
- AVulnerability scans only do host discovery and port scanning by default.
- BA penetration test actively exploits vulnerabilities in the targeted infrastructure, while a
- CIt is not - a penetration test is often performed by an automated tool, while a vulnerability scan
- DThe tools used by penetration testers tend to have much more comprehensive vulnerability
Explanation
A penetration test goes beyond identifying vulnerabilities by actively exploiting them to demonstrate real-world impact, whereas a vulnerability scan only identifies and reports potential weaknesses.
Common mistakes.
- A. Vulnerability scanners perform much more than host discovery and port scanning - they also check service versions, configurations, and known CVEs against a comprehensive signature database.
- C. This reverses the reality; penetration tests are typically performed by skilled human testers using manual techniques, while vulnerability scans are the predominantly automated process.
- D. The comprehensiveness of tool vulnerability databases is not the defining distinction; the key difference is active exploitation versus passive identification of weaknesses.
Concept tested. Penetration testing vs vulnerability scanning methodology
Reference. https://csrc.nist.gov/publications/detail/sp/800-115/final
Community Discussion
No community discussion yet for this question.