CompTIA Cloud+ (CV0-003) — Question 193

A company that performs passive vulnerability scanning at its transit VPC has detected a vulnerability related to outdated web-server software on one of its public subnets. Which of the following can the company use to verify if this is a true positive with the least effort and cost? (Choose two.)

Answer options

• A. A network-based scan
• B. An agent-based scan
• C. A port scan
• D. A red-team exercise
• E. A credentialed scan
• F. A blue-team exercise
• G. Unknown environment penetration testing

Correct answer: A, E

Explanation

A network-based scan allows for quick verification of vulnerabilities without needing software installed on the target system, making it cost-effective. A credentialed scan provides deeper insights by utilizing credentials, ensuring accurate results about the software versions, while the other options either require more resources, are less efficient for this purpose, or do not provide the necessary verification in a cost-effective manner.