CompTIA Security+ (SY0-501) — Question 423
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?
Answer options
- A. Protocol analyzer
- B. Vulnerability scan
- C. Penetration test
- D. Port scanner
Correct answer: B
Explanation
A vulnerability scan identifies potential security weaknesses and assesses whether security controls can be bypassed, without the active exploitation that a penetration test involves. A protocol analyzer and a port scanner do not provide the same level of threat confirmation, and a penetration test actively tests the application, which the question rules out.