CompTIA Security+ (SY0-701) — Question 290

An analyst is performing a vulnerability scan against the web servers exposed to the internet without a system account. Which of the following is most likely being performed?

Answer options

• A. Non-credentialed scan
• B. Packet capture
• C. Privilege escalation
• D. System enumeration
• E. Passive scan

Correct answer: A

Explanation

The correct answer is A, as a non-credentialed scan does not use any system account information, allowing the analyst to identify vulnerabilities from an external perspective. Options B, C, D, and E describe different activities that do not align with the context of performing a vulnerability scan without credentials.