CompTIA PenTest+ (PT0-003) — Question 175

A penetration tester is configuring a vulnerability management solution to perform credentialed scans of an Active Directory server. Which of the following account types should the tester provide to the scanner?

Answer options

• A. Read-only
• B. Domain administrator
• C. Local user
• D. Root

Correct answer: B

Explanation

The correct answer is B, Domain administrator, as this account type provides the necessary permissions to access and scan all parts of the Active Directory server for vulnerabilities. Options A (Read-only), C (Local user), and D (Root) do not provide the required permissions for comprehensive scanning in an Active Directory environment.