CompTIA Security+ (SY0-501) — Question 21

Which of the following network vulnerability scan indicators BEST validates a successful, active scan?

Answer options

• A. The scan job is scheduled to run during off-peak hours.
• B. The scan output lists SQL injection attack vectors.
• C. The scan data identifies the use of privileged-user credentials.
• D. The scan results identify the hostname and IP address.

Correct answer: B

Explanation

Option B is correct because the presence of SQL injection attack vectors in the scan output indicates that the scan actively tested for vulnerabilities, confirming its success. The other options, while relevant to scheduling or data gathering, do not specifically validate the effectiveness of an active scan.