CompTIA CySA+ (CS0-003) — Question 426

A security administrator has been notified by the IT operations department that some vulnerability reports contain an incomplete list of findings. Which of the following methods should be used to resolve this issue?

Answer options

• A. Credentialed scar
• B. External scan
• C. Differential scan
• D. Network scan

Correct answer: A

Explanation

The correct answer is A, Credentialed scan, because it provides deeper insights into system vulnerabilities by using credentials to access more information than an unauthenticated scan. The other options, such as External scan, Differential scan, and Network scan, may not provide the comprehensive findings needed to resolve the issue of incomplete reports.