CompTIA Security+ (SY0-501) — Question 876
A security analyst conducts a manual scan on a known hardened host that identifies many non-compliant configuration items.
Which of the following BEST describe why this has occurred? (Choose two.)
Answer options
- A. Privileged-user credentials were used to scan the host
- B. Non-applicable plugins were selected in the scan policy
- C. The incorrect audit file was used
- D. The output of the report contains false positives
- E. The target host has been compromised
Correct answer: B, D
Explanation
Non-applicable plugins selected in the scan policy (option B) can produce findings that are irrelevant to the host yet appear in the report as non-compliant items. The report may also contain false positives (option D), which can misrepresent the host's actual security posture. The other options do not directly explain why the scan identified non-compliant items.