312-50V13 · Question #276
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belongi
The correct answer is B. Agent-based scanner. The scenario describes an agent-based scanner, where a software component is installed directly on a target machine to perform local scans and report findings.
Question
Options
- AProxy scanner
- BAgent-based scanner
- CNetwork-based scanner
- DCluster scanner
How the community answered
(39 responses)- A3% (1)
- B79% (31)
- C13% (5)
- D5% (2)
Why each option
The scenario describes an agent-based scanner, where a software component is installed directly on a target machine to perform local scans and report findings.
A proxy scanner typically intercepts and analyzes web traffic between a client and a server to find web application vulnerabilities; it's not installed on a target machine to scan other network machines.
An agent-based scanner operates by deploying a software agent directly onto the target machine, which then performs scans locally and reports back to a central console. In this scenario, the hacker 'installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network,' indicating that the scanning capability was executed from a local agent on a compromised host within the network.
A network-based scanner operates remotely over the network, scanning target hosts without requiring direct installation of software on the target itself, which contradicts the scenario where a scanner was 'installed on a machine'.
The term 'cluster scanner' is not a standard or widely recognized type of vulnerability assessment tool in this context; it might refer to scanning a cluster of machines but doesn't describe the deployment method.
Concept tested: Vulnerability scanning types; agent-based scanning
Source: https://learn.microsoft.com/en-us/azure/defender-for-cloud/vulnerability-assessment-recommendations
Topics
Community Discussion
No community discussion yet for this question.