CompTIA Security+ (SY0-501) — Question 617

Which of the following is the MOST significant difference between intrusive and non-intrusive vulnerability scanning?

Answer options

• A. One uses credentials, but the other does not.
• B. One has a higher potential for disrupting system operations.
• C. One allows systems to activate firewall countermeasures.
• D. One returns service banners, including running versions.

Correct answer: B

Explanation

The correct answer is B because intrusive scans can actively probe systems and may inadvertently disrupt operations, while non-intrusive scans are designed to avoid such disruptions. Options A, C, and D describe characteristics that do not differentiate the two types based on their impact on system stability.