312-50V11 · Question #279
Which of the following business challenges could be solved by using a vulnerability scanner?
The correct answer is D. There is a monthly requirement to test corporate compliance with host application usage and. Vulnerability scanners are designed to assess systems against known security baselines and compliance requirements, making them the right tool for recurring compliance checks on host application usage and security configurations.
Question
Which of the following business challenges could be solved by using a vulnerability scanner?
Options
- AAuditors want to discover if all systems are following a standard naming convention.
- BA web server was compromised and management needs to know if any further systems were
- CThere is an emergency need to remove administrator access from multiple machines for an
- DThere is a monthly requirement to test corporate compliance with host application usage and
How the community answered
(47 responses)- A6% (3)
- B2% (1)
- C4% (2)
- D87% (41)
Why each option
Vulnerability scanners are designed to assess systems against known security baselines and compliance requirements, making them the right tool for recurring compliance checks on host application usage and security configurations.
Auditing naming conventions is a configuration management or asset inventory function, not a capability of vulnerability scanners, which focus on security weaknesses.
Determining whether additional systems were compromised after an incident requires forensic analysis and endpoint detection tools, not a vulnerability scanner.
Removing administrator access from machines is an identity and access management operation performed via directory services or endpoint management tools, not a vulnerability scanning function.
Vulnerability scanners can be configured with compliance benchmarks (such as CIS or STIG profiles) to test whether systems meet defined security and application usage policies on a scheduled basis. This aligns directly with a monthly compliance testing requirement, as the scanner identifies deviations from the accepted baseline across all in-scope hosts. Automated recurring scans make this operationally practical at scale.
Concept tested: Vulnerability scanner use cases - compliance assessment
Source: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf
Topics
Community Discussion
No community discussion yet for this question.