312-50V11 · Question #760
Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?
The correct answer is C. Use a scan tool like Nessus. A vulnerability assessment on a live Windows system requires an active scanning tool that probes for weaknesses, not a patch manager or passive reference database.
Question
Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?
Options
- ACreate a disk image of a clean Windows installation
- BUse the built-in Windows Update tool
- CUse a scan tool like Nessus
- DCheck MITRE.org for the latest of CVE findings
How the community answered
(60 responses)- A2% (1)
- B5% (3)
- C90% (54)
- D3% (2)
Why each option
A vulnerability assessment on a live Windows system requires an active scanning tool that probes for weaknesses, not a patch manager or passive reference database.
Creating a disk image captures system state for forensic or backup purposes and provides no mechanism for identifying active vulnerabilities on a running system.
Windows Update applies available Microsoft patches but does not enumerate all vulnerabilities present, cannot assess third-party software weaknesses, and does not produce an assessment report.
Nessus is an industry-standard vulnerability scanner that actively interrogates a live Windows target for misconfigurations, missing patches, exposed services, and known CVEs, producing a prioritized report suited for a professional assessment. It goes beyond patch status to detect third-party software flaws, weak credentials, and compliance gaps. This active discovery approach is precisely what a technician assessment engagement requires.
MITRE's CVE database is a passive reference catalog of published vulnerabilities and does not actively probe or evaluate any specific target system.
Concept tested: Active vulnerability scanning using Nessus
Source: https://docs.tenable.com/nessus/Content/GettingStarted.htm
Topics
Community Discussion
No community discussion yet for this question.