nerdexam
CompTIA

CV0-003 · Question #937

A systems administrator is configuring a cloud solution for a vulnerability assessment to test the company's resources that are hosted in a public cloud. The solution must test the company's resources

The correct answer is B. Configure a network-based scan.. A network-based scan tests resources from an external perspective without requiring agent installation, making it ideal for simulating an outside attacker against cloud-hosted resources.

Security

Question

A systems administrator is configuring a cloud solution for a vulnerability assessment to test the company's resources that are hosted in a public cloud. The solution must test the company's resources from an external user's perspective. Which of the following would be the best solution?

Options

  • AConfigure an agent-based scan.
  • BConfigure a network-based scan.
  • CConfigure a port scan.
  • DConfigure a credentialed scan.

How the community answered

(22 responses)
  • A
    5% (1)
  • B
    82% (18)
  • C
    5% (1)
  • D
    9% (2)

Why each option

A network-based scan tests resources from an external perspective without requiring agent installation, making it ideal for simulating an outside attacker against cloud-hosted resources.

AConfigure an agent-based scan.

An agent-based scan requires software installed directly on the target host, providing an internal host-level perspective rather than simulating an external attacker.

BConfigure a network-based scan.Correct

A network-based scan operates externally across the network, probing target systems exactly as an outside attacker would see them. This approach requires no credentials or installed agents, making it the best fit for assessing publicly exposed cloud resources from an external user's perspective and revealing internet-facing vulnerabilities.

CConfigure a port scan.

A port scan only identifies open ports and listening services; it does not perform a full vulnerability assessment of the discovered services.

DConfigure a credentialed scan.

A credentialed scan uses valid login credentials to assess systems from an authenticated, internal perspective, which is the opposite of an external user's viewpoint.

Concept tested: External network-based vulnerability scanning in cloud

Source: https://docs.tenable.com/nessus/Content/ScanAndPolicyTemplates.htm

Topics

#vulnerability assessment#network scan#external testing#security scanning

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice