nerdexam
EC-Council

312-50V10 · Question #854

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulner

The correct answer is D. Credentialed assessment. A credentialed vulnerability assessment uses authenticated access to deeply inspect systems, services, running applications, and active user sessions across the network.

Vulnerability Analysis

Question

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

Options

  • Ainternal assessment
  • BPassive assessment
  • CExternal assessment
  • DCredentialed assessment

How the community answered

(65 responses)
  • A
    3% (2)
  • B
    6% (4)
  • C
    14% (9)
  • D
    77% (50)

Why each option

A credentialed vulnerability assessment uses authenticated access to deeply inspect systems, services, running applications, and active user sessions across the network.

Ainternal assessment

An internal assessment describes the physical or logical position of the assessor (inside the network perimeter) and does not specifically refer to using credentials for deep authenticated inspection of systems and user sessions.

BPassive assessment

A passive assessment involves only capturing and analyzing existing network traffic without interacting with or probing hosts, which would not yield detailed application vulnerability data or enumerate currently active user sessions.

CExternal assessment

An external assessment simulates an outside attacker by scanning exclusively from outside the organizational network boundary, which contradicts Morris's insider-level visibility into user sessions and internal services.

DCredentialed assessmentCorrect

A credentialed assessment leverages valid credentials or privileged network access to gather detailed information beyond what unauthenticated scanning can reveal, including active user sessions and installed application vulnerabilities. Morris's ability to enumerate currently logged-in users and identify application-level vulnerabilities indicates he had authenticated or elevated access to the network, which is the defining characteristic of a credentialed assessment.

Concept tested: Credentialed vulnerability assessment identification

Source: https://learn.microsoft.com/en-us/security/operations/incident-response-overview

Topics

#passive assessment#network sniffing#vulnerability assessment#credentialed assessment

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice