CompTIA CASP+ (CAS-004) — Question 40
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?
Answer options
- A. A passive, credentialed scan
- B. A passive, non-credentialed scan
- C. An active, non-credentialed scan
- D. An active, credentialed scan
Correct answer: D
Explanation
The correct answer is D, as an active, credentialed scan allows the system to access deeper insights into the configuration settings by using valid credentials. Options A and B are passive scans, which do not interact with the systems as thoroughly, and C, while active, does not use credentials, limiting its ability to gather detailed information.