SY0-301 Question #233: Real Exam Question with Answer & Explanation
The correct answer is C: Vulnerability scanning.
Question
A company hires outside security experts to evaluate the security status of the corporate network. All of the company's IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?
Options
- A. Penetration testing
- B. WAF testing
- C. Vulnerability scanning
- D. White box testing
Explanation
Vulnerability scanning is a passive, non-intrusive process that identifies potential weaknesses without actively exploiting them, making it the safest testing option for fragile or legacy systems.
Common mistakes
- A. Penetration testing involves actively exploiting discovered vulnerabilities, which can crash or damage systems that are already unstable.
- B. WAF testing specifically targets web application firewall rules and is not a general network assessment method for fragile legacy infrastructure.
- D. White box testing gives testers full knowledge of the environment and typically involves active exploitation or code review, which still carries a risk of system disruption.
Concept tested. Vulnerability scanning versus active penetration testing
Reference. https://csrc.nist.gov/publications/detail/sp/800-115/final