SY0-301 · Question #318
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?
The correct answer is B. Vulnerability scan. A vulnerability scanner (e.g., Nessus, OpenVAS) probes systems for known vulnerabilities, misconfigurations, and missing patches by matching findings against a database of known issues. It confirms that a vulnerability exists and that security controls may be inadequate - without
Question
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?
Options
- AProtocol analyzer
- BVulnerability scan
- CPenetration test
- DPort scanner
How the community answered
(70 responses)- A4% (3)
- B91% (64)
- C3% (2)
- D1% (1)
Explanation
A vulnerability scanner (e.g., Nessus, OpenVAS) probes systems for known vulnerabilities, misconfigurations, and missing patches by matching findings against a database of known issues. It confirms that a vulnerability exists and that security controls may be inadequate - without actually exploiting anything (i.e., without active testing). A penetration test goes further and actively attempts exploitation to prove impact. A protocol analyzer captures traffic. A port scanner only identifies open ports. Vulnerability scanning is explicitly a passive-to-light-probe method that identifies risk without crossing into active exploitation.
Topics
Community Discussion
No community discussion yet for this question.