CompTIA CySA+ (CS0-002) — Question 327

A security analyst at an organization is reviewing vulnerability reports from a newly deployed vulnerability management platform. The organization is not receiving information about devices that rarely connect to the network. Which of the following will the analyst most likely do to obtain vulnerability information about these devices?

Answer options

• A. Add administrator credentials to mobile devices.
• B. Utilize cloud-based agents.
• C. Deploy a VPC in front of a NAC.
• D. Implement MDM.

Correct answer: B

Explanation

The correct answer is B, as utilizing cloud-based agents can help gather data from devices that do not connect frequently to the network by allowing remote monitoring. Options A and D are more focused on device management rather than vulnerability detection, and C relates to network architecture rather than directly addressing the vulnerability reporting issue.