nerdexam
EC-Council

312-50V13 · Question #255

A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that t

The correct answer is C. Host-based assessment. Host-Based Assessment Explained Why C is Correct: A host-based assessment focuses on vulnerabilities within a specific individual system (host), examining internal components such as user directories, registries, file permissions, configuration tables, and software settings - exa

Submitted by ravi_2018· Mar 6, 2026Vulnerability Analysis

Question

A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?

Options

  • ACredentialed assessment
  • BDatabase assessment
  • CHost-based assessment
  • DDistributed assessment

How the community answered

(46 responses)
  • B
    2% (1)
  • C
    96% (44)
  • D
    2% (1)

Explanation

Host-Based Assessment Explained

Why C is Correct: A host-based assessment focuses on vulnerabilities within a specific individual system (host), examining internal components such as user directories, registries, file permissions, configuration tables, and software settings - exactly what Martin performed when evaluating Janet's allocated workstation from the inside out.

Why the Others Are Wrong:

  • A (Credentialed Assessment): This refers to scans performed with valid login credentials to gain deeper access; it describes the method of authentication used, not the scope or type of assessment Martin conducted.
  • B (Database Assessment): This specifically targets database systems, checking for SQL vulnerabilities, access controls, and data integrity issues - none of which are mentioned in the scenario.
  • D (Distributed Assessment): This involves assessing vulnerabilities across multiple systems or networks simultaneously, whereas Martin examined a single, specific machine.

Memory Tip: Think "Host = One House." A host-based assessment is like inspecting every room inside one house (registry, directories, permissions), while distributed assessments would be like inspecting an entire neighborhood of houses at once. If the question mentions a single system's internal components, think host-based.

Topics

#Vulnerability assessment types#Host-based assessment#System configuration security#Internal vulnerabilities

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice