CompTIA Security+ (SY0-501) — Question 111

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all company's clients.
Which of the following is being used?

Answer options

• A. Gray box vulnerability testing
• B. Passive scan
• C. Credentialed scan
• D. Bypassing security controls

Correct answer: C

Explanation

The correct answer is C, Credentialed scan, as it allows the scanner to authenticate against systems and gather detailed information about patch levels. The other options are incorrect because Gray box testing does not rely on active scanning, Passive scans do not authenticate to gather data, and Bypassing security controls is not a legitimate scanning method.