312-50V9 · Question #255
Craig received a report of all the computers on the network that showed all the missing patches and weak passwords. What type of software generated this report?
The correct answer is B. a vulnerability scanner. A vulnerability scanner enumerates hosts on a network and identifies security weaknesses such as missing patches and weak passwords, producing detailed remediation reports.
Question
Craig received a report of all the computers on the network that showed all the missing patches and weak passwords. What type of software generated this report?
Options
- Aa port scanner
- Ba vulnerability scanner
- Ca virus scanner
- Da malware scanner
How the community answered
(23 responses)- B91% (21)
- C4% (1)
- D4% (1)
Why each option
A vulnerability scanner enumerates hosts on a network and identifies security weaknesses such as missing patches and weak passwords, producing detailed remediation reports.
A port scanner only identifies open TCP/UDP ports on hosts and does not assess patch levels or password strength.
Vulnerability scanners are purpose-built to assess hosts for known security weaknesses, including unpatched software and misconfigured credentials. They query systems, compare findings against vulnerability databases, and output reports listing each deficiency per host. Tools like Nessus and OpenVAS are classic examples that produce exactly the kind of report described.
A virus scanner detects known malicious software on a host and does not audit patch status or password policies.
A malware scanner detects malicious software broadly and does not perform patch or credential auditing.
Concept tested: Vulnerability scanner capabilities and output
Source: https://csrc.nist.gov/glossary/term/vulnerability_scanner
Topics
Community Discussion
No community discussion yet for this question.