SY0-301 · Question #768
SY0-301 Question #768: Real Exam Question with Answer & Explanation
The correct answer is A: A vulnerability scanner. A vulnerability scanner performs non-intrusive assessments of systems by comparing installed software versions, patch levels, and configurations against a database of known vulnerabilities. It identifies missing patches and misconfigurations without attempting to exploit them - t
Question
Options
- AA vulnerability scanner
- BSecurity baselines
- CA port scanner
- DGroup policy
Explanation
A vulnerability scanner performs non-intrusive assessments of systems by comparing installed software versions, patch levels, and configurations against a database of known vulnerabilities. It identifies missing patches and misconfigurations without attempting to exploit them - this is known as a credentialed or non-exploiting scan. This distinguishes it from a penetration test or exploit framework. Security baselines define desired secure configurations but are not scanning tools. A port scanner only identifies open ports and running services, not patch status. Group Policy enforces configurations but does not scan for vulnerabilities.
Community Discussion
No community discussion yet for this question.