SY0-501 · Question #437
SY0-501 Question #437: Real Exam Question with Answer & Explanation
The correct answer is B: Non-applicable plug ins were selected in the scan policy. When a vulnerability scan on a hardened host unexpectedly reports many non-compliant items, the most likely causes are misconfigured scan policies or incorrect audit/benchmark files being applied during the assessment.
Question
A security analyst conducts a manual scan on a known hardened host that identifies many non- compliant items. Which of the following BEST describe why this has occurred? (Select TWO)
Options
- APrivileged-user certificated were used to scan the host
- BNon-applicable plug ins were selected in the scan policy
- CThe incorrect audit file was used
- DThe output of the report contains false positives
- EThe target host has been compromised
Explanation
When a vulnerability scan on a hardened host unexpectedly reports many non-compliant items, the most likely causes are misconfigured scan policies or incorrect audit/benchmark files being applied during the assessment.
Common mistakes.
- A. Using privileged credentials actually improves scan accuracy by allowing deeper access to the host, and would more likely reduce false positives rather than generate excessive non-compliant findings.
- D. While false positives can occur in scan results, this choice describes a symptom rather than a root cause explaining why a hardened host shows many non-compliant items.
- E. A compromised host is possible but is not the best explanation for many non-compliant findings on a known hardened host, as the scenario points to a scanning configuration issue rather than an active breach.
Concept tested. Vulnerability scan policy and audit file misconfiguration
Reference. https://docs.tenable.com/nessus/Content/ScanAndPolicyTemplates.htm
Community Discussion
No community discussion yet for this question.