CompTIA
SY0-301 Question #638: Real Exam Question with Answer & Explanation
The correct answer is C: Vulnerability scan. A vulnerability scan identifies and reports on weaknesses in a network passively without exploiting them, providing a security posture assessment without active compromise.
Question
Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?
Options
- A. Penetration test
- B. Code review
- C. Vulnerability scan
- D. Brute Force scan
Explanation
A vulnerability scan identifies and reports on weaknesses in a network passively without exploiting them, providing a security posture assessment without active compromise.
Common mistakes.
- A. A penetration test actively exploits identified vulnerabilities to demonstrate real-world impact, which goes beyond assessing posture to actually compromising systems.
- B. A code review examines application source code for security flaws and does not assess the live network security posture.
- D. A brute force scan actively attempts to guess credentials, which constitutes exploitation of authentication mechanisms rather than passive assessment.
Concept tested. Vulnerability scanning without exploitation
Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf