SY0-501 Question #455: Real Exam Question with Answer & Explanation
The correct answer is D: The scanner must be able to audit file system permissions. A credentialed scan is necessary when an in-depth analysis of a system's internal configurations and security settings, beyond network-level vulnerabilities, is required.
Question
In determining when it may be necessary to perform a credentialed scan against a system instead of a non-credentialed scan, which of the following requirements is MOST likely to influence this decision?
Options
- A. The scanner must be able to enumerate the host OS of devices scanned
- B. The scanner must be able to footprint the network
- C. The scanner must be able to check for open ports with listening services
- D. The scanner must be able to audit file system permissions
Explanation
A credentialed scan is necessary when an in-depth analysis of a system's internal configurations and security settings, beyond network-level vulnerabilities, is required.
Common mistakes.
- A. Enumerating the host OS can often be performed by non-credentialed scans through network-based fingerprinting techniques like banner grabbing or analyzing TCP/IP stack behavior.
- B. Footprinting the network primarily involves discovering network topology, active devices, and accessible services, which can largely be accomplished through external network probes without system credentials.
- C. Checking for open ports with listening services is a fundamental function of network-based, non-credentialed vulnerability scans, as it only requires probing network services without logging into the host.
Concept tested. Credentialed vs. Non-credentialed Vulnerability Scans
Reference. https://learn.microsoft.com/en-us/azure/defender-for-cloud/deploy-vulnerability-assessment