CompTIA CySA+ (CS0-002) — Question 357

In response to an audit finding, a company's Chief Information Officer (CIO) instructed the security department to increase the security posture of the vulnerability management program. Currently, the company's vulnerability management program has the following attributes:
✑ It is unauthenticated.
✑ It is at the minimum interval specified by the audit framework.
✑ It only scans well-known ports.
Which of the following would BEST increase the security posture of the vulnerability management program?

Answer options

• A. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.
• B. Expand the ports being scanned to include all ports. Keep the scan interval at its current level. Enable authentication and perform credentialed scans.
• C. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Continue unauthenticated scanning.
• D. Continue scanning the well-known ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.

Correct answer: A

Explanation

Option A is the best choice because it addresses all vulnerabilities by scanning all ports, increases the scan frequency to enhance security, and implements authentication for credentialed scans, which provide deeper insights. The other options either fail to increase the scan frequency, do not include credentialed scans, or do not expand the scanned ports adequately, leaving potential vulnerabilities unexamined.