CompTIA Security+ (SY0-501) — Question 609

A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?

Answer options

• A. Perform a non-credentialed scan.
• B. Conduct an intrusive scan.
• C. Attempt escalation of privilege.
• D. Execute a credentialed scan.

Correct answer: A

Explanation

The correct answer is A, as a non-credentialed scan simulates an outsider's perspective, identifying vulnerabilities without access credentials. Options B and C involve more aggressive techniques that do not align with the goal of mimicking an attacker's scan. Option D provides an internal view and would not reflect the external attacker's approach.