CompTIA CySA+ (CS0-001) — Question 117

The Chief Security Officer (CSO) has requested a vulnerability report of systems on the domain, identifying those running outdated OSs. The automated scan reports are not displaying OS version details, so the CSO cannot determine risk exposure levels from vulnerable systems. Which of the following should the cybersecurity analyst do to enumerate OS information as part of the vulnerability scanning process in the MOST efficient manner?

Answer options

• A. Execute the ver command
• B. Execute the nmap ""p command
• C. Use Wireshark to export a list
• D. Use credentialed configuration

Correct answer: A

Explanation

The correct answer is A because the 'ver' command directly provides the version information of the operating system. The other options either do not specifically target OS version retrieval or are less efficient for this purpose, such as using nmap which is more suited for port scanning, or Wireshark which is meant for network analysis.