CompTIA PenTest+ (PT0-001) — Question 6

A penetration tester is performing a remote scan to determine if the server farm is compliant with the company's software baseline. Which of the following should the penetration tester perform to verify compliance with the baseline?

Answer options

• A. Discovery scan
• B. Stealth scan
• C. Full scan
• D. Credentialed scan

Correct answer: A

Explanation

A Discovery scan is designed to identify systems and software on a network, making it suitable for verifying compliance with a software baseline. In contrast, a Stealth scan is focused on being undetectable, a Full scan may not specifically check for compliance, and a Credentialed scan, while thorough, requires credentials and may not be applicable in this remote scenario.