Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 75

Which two statements are true? (Choose two.)

Answer options

• A. Security engineers that need to locate vulnerabilities in a managed environment commonly use vulnerability scanners, such as Nessus and OpenVAS.
• B. Attackers use vulnerability scanners such as Nessus and OpenVAS to locate vulnerabilities in potential target hosts.
• C. Vulnerability scanners, such as Nessus and OpenVAS, are safe to experiment with on a production network environment.
• D. Vulnerability scanners, such as Nessus and OpenVAS, should never be used on a production network for any reason.

Correct answer: A, B

Explanation

The correct answers are A and B because security engineers use vulnerability scanners like Nessus and OpenVAS to find vulnerabilities, while attackers also use these tools to exploit potential weaknesses in targets. Options C and D are incorrect because using vulnerability scanners in a production environment can lead to disruptions; hence, they should be avoided in such settings.