312-50V13 Question #64: Real Exam Question with Answer & Explanation

Question

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Options

• AUse the built-in Windows Update tool
• BUse a scan tool like Nessus
• CCheck MITRE.org for the latest list of CVE findings
• DCreate a disk image of a clean Windows installation

Explanation

To discover vulnerabilities on a Windows-based computer, a dedicated vulnerability scanning tool is the most effective approach as it automates the process of identifying known security weaknesses. Nessus is a widely recognized and comprehensive vulnerability scanner capable of assessing operating systems and applications for security flaws.

Common mistakes.

• A. The built-in Windows Update tool is designed to apply security patches and updates to the operating system and installed Microsoft software, not to actively scan for and report on existing vulnerabilities.
• C. MITRE.org provides a public repository of Common Vulnerabilities and Exposures (CVEs), which is a database of known security flaws, but it is not a tool that can be used to scan a system for these vulnerabilities.
• D. Creating a disk image of a clean Windows installation is a method for system deployment, backup, or forensic analysis, and it does not actively scan a live system for vulnerabilities.

Concept tested. Vulnerability scanning tools

Reference. https://www.cisco.com/c/en/us/products/security/network-vulnerability-assessment.html

No community discussion yet for this question.