SY0-501 Question #519: Real Exam Question with Answer & Explanation

The correct answer is A: The firewall is disabled on workstations.

Submitted by omar99 · Mar 4, 2026

Question

An analyst is using a vulnerability scanner to look for common security misconfigurations on devices. Which of the following might be identified by the scanner? (Select TWO).

Options

  • A. The firewall is disabled on workstations.
  • B. SSH is enabled on servers.
  • C. Browser homepages have not been customized.
  • D. Default administrator credentials exist on networking hardware.
  • E. The OS is only set to check for updates once a day.

Explanation

Vulnerability scanners detect common security misconfigurations that expose systems to risk, such as disabled security controls or unchanged default credentials. These are well-known attack vectors that scanning tools are specifically designed to identify.

Common mistakes.

  • B. SSH being enabled on servers is not inherently a misconfiguration - it is a standard, secure remote administration protocol, and its presence alone would not be flagged as a misconfiguration by a vulnerability scanner.
  • C. Browser homepage customization is a user preference setting with no direct security implication, and vulnerability scanners do not assess aesthetic or productivity configurations unrelated to security posture.
  • E. Checking for updates once a day is a reasonable and functional patch management schedule; while less frequent than ideal, it is not a misconfiguration and would not typically be flagged by a vulnerability scanner as a security issue.

Concept tested. Identifying common security misconfigurations via vulnerability scanning

Reference. https://learn.microsoft.com/en-us/security/benchmark/azure/security-control-vulnerability-management
