CompTIA Security+ (SY0-501) — Question 302
A security administrator wants to determine if a company's web servers have the latest operating system and application patches installed. Which of the following types of vulnerability scans should be conducted?
Answer options
- A. Non-credentialed
- B. Passive
- C. Port
- D. Credentialed
- E. Red team
- F. Active
Correct answer: D
Explanation
A credentialed scan is the correct choice because it lets the scanner access the system with credentials and so report detailed information about the patches installed. Non-credentialed scans lack this access and can miss important details, while passive scans simply observe traffic without probing the systems. Port scans identify open ports but do not assess patch levels, and active scans may not provide the same depth of insight as credentialed scans.