nerdexam
EC-Council

312-50V13 · Question #276

John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belongi

The correct answer is B. Agent-based scanner. The scenario describes an agent-based scanner, where a software component is installed directly on a target machine to perform local scans and report findings.

Submitted by akirajp· Mar 6, 2026Vulnerability Analysis

Question

John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?

Options

  • AProxy scanner
  • BAgent-based scanner
  • CNetwork-based scanner
  • DCluster scanner

How the community answered

(39 responses)
  • A
    3% (1)
  • B
    79% (31)
  • C
    13% (5)
  • D
    5% (2)

Why each option

The scenario describes an agent-based scanner, where a software component is installed directly on a target machine to perform local scans and report findings.

AProxy scanner

A proxy scanner typically intercepts and analyzes web traffic between a client and a server to find web application vulnerabilities; it's not installed on a target machine to scan other network machines.

BAgent-based scannerCorrect

An agent-based scanner operates by deploying a software agent directly onto the target machine, which then performs scans locally and reports back to a central console. In this scenario, the hacker 'installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network,' indicating that the scanning capability was executed from a local agent on a compromised host within the network.

CNetwork-based scanner

A network-based scanner operates remotely over the network, scanning target hosts without requiring direct installation of software on the target itself, which contradicts the scenario where a scanner was 'installed on a machine'.

DCluster scanner

The term 'cluster scanner' is not a standard or widely recognized type of vulnerability assessment tool in this context; it might refer to scanning a cluster of machines but doesn't describe the deployment method.

Concept tested: Vulnerability scanning types; agent-based scanning

Source: https://learn.microsoft.com/en-us/azure/defender-for-cloud/vulnerability-assessment-recommendations

Topics

#vulnerability scanning#agent-based scanner#vulnerability assessment#internal network scan

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice