CompTIA CySA+ (CS0-003) — Question 60

A security analyst needs to provide evidence of regular vulnerability scanning on the company's network for an auditing process. Which of the following is an example of a tool that can produce such evidence?

Answer options

• A. OpenVAS
• B. Burp Suite
• C. Nmap
• D. Wireshark

Correct answer: A

Explanation

OpenVAS is specifically designed for vulnerability scanning, making it suitable for providing evidence of regular scans. Burp Suite is primarily used for web application security testing, Nmap is a network scanning tool, and Wireshark is used for network protocol analysis, none of which are focused on producing vulnerability scan reports.