nerdexam
ExamsCV0-003Questions#633
CompTIA

CV0-003 · Question #633

CV0-003 Question #633: Real Exam Question with Answer & Explanation

The correct answer is C: A network-based scan. Credentialed and Noncredentialed ScanningVulnerability scans can be performed with or without valid credentials to the resources. A scan without credentials is called a noncredentialed scan. This simulates what an attacker would see if they did not have access to a valid user ses

Security

Question

A company has hired a security firm to perform a vulnerability assessment of its environment. In the first phase, an engineer needs to scan the network services exposed by the hosts. Which of the following will help achieve this with the LEAST privileges?

Options

  • AAn agent-based scan
  • BA credentialed scan
  • CA network-based scan
  • DAn application scan

Explanation

Credentialed and Noncredentialed ScanningVulnerability scans can be performed with or without valid credentials to the resources. A scan without credentials is called a noncredentialed scan. This simulates what an attacker would see if they did not have access to a valid user session. Credentialed scanning uses one or more valid credentials to determine what vulnerabilities can be identified under that user context. Some scans will include multiple types of credentials, such as a standard user account, an administrative account, and a service account.

Topics

#vulnerability assessment#network scanning#least privilege#unauthenticated scan

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CV0-003 Practice
A company has hired a security firm to perform a vulnerability... | CV0-003 Q#633 Answer | NerdExam