CompTIA CySA+ (CS0-003) — Question 410

A managed service provider manages servers in customer-assigned Internet Protocol spaces. The provider discovers that these servers are not included in scheduled network scans, but the provider cannot scan the servers without the customers' explicit permission. Which of the following scanning methods should the provider use to scan these individual servers?

Answer options

• A. Agent-based scans
• B. System baseline scans
• C. External network scans
• D. Device fingerprinting

Correct answer: A

Explanation

Agent-based scans are appropriate because they involve installing agents on the servers, allowing for scanning without needing direct permission for each scan. Other options like System baseline scans and External network scans may not function due to permission issues, and Device fingerprinting does not provide the comprehensive assessment needed for vulnerability scanning.