CompTIA Security+ (SY0-501) — Question 930

In determining when it may be necessary to perform a credentialed scan against a system instead of a non-credentialed scan, which of the following requirements is MOST likely to influence this decision?

Answer options

• A. The scanner must be able to enumerate the host OS of devices scanned.
• B. The scanner must be able to footprint the network.
• C. The scanner must be able to check for open ports with listening services.
• D. The scanner must be able to audit file system permissions

Correct answer: D

Explanation

The correct answer is D because a credentialed scan allows for a deeper inspection of the system, including auditing file system permissions, which is crucial for security assessments. Options A, B, and C are important but do not have the same level of influence on the decision to use a credentialed scan, as they can often be performed with a non-credentialed scan.