CompTIA CySA+ (CS0-003) — Question 98

A Chief Information Security Officer has outlined several requirements for a new vulnerability scanning project:

• Must use minimal network bandwidth
• Must use minimal host resources
• Must provide accurate, near real-time updates
• Must not have any stored credentials in configuration on the scanner

Which of the following vulnerability scanning methods should be used to best meet these requirements?

Answer options

• A. Internal
• B. Agent
• C. Active
• D. Uncredentialed

Correct answer: B

Explanation

The Agent method is most suitable because it operates with minimal network bandwidth and host resources by performing scans locally and sending updates without needing extensive credentials. Other options, such as Internal and Active, may not align with the requirements for minimal resource usage, while Uncredentialed scanning often lacks the depth of analysis needed for accurate results.