You are using a vulnerability scanner to assess the security posture of your network. Which of the following is the BEST approach to ensure the most comprehensive scan?
Run multiple non-credentialed scans to cover all assets.
Perform a credentialed scan using valid login credentials.
Conduct a passive scan to observe traffic patterns without interference.
Use an agent-based scan to monitor system behavior continuously.
Credentialed scans provide a deeper level of insight into a system's security by using valid login credentials. This allows the scanner to view configurations and settings that are not accessible through non-credentialed scans, resulting in more thorough and accurate vulnerability detection. Though agent-based and passive scans have their benefits, they either miss detailed internal configurations or do not actively test systems.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a credentialed scan and why is it better than a non-credentialed scan?
Open an interactive chat with Bash
What are agent-based scans, and how do they differ from credentialed scans?
Open an interactive chat with Bash
What is a passive scan, and when would it be useful?