Certified Ethical Hacker (CEH v11) — Question 177

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Answer options

• A. Use the built-in Windows Update tool
• B. Use a scan tool like Nessus
• C. Check MITRE.org for the latest list of CVE findings
• D. Create a disk image of a clean Windows installation

Correct answer: B

Explanation

The best approach for discovering vulnerabilities is to use a scan tool like Nessus, as it is specifically designed to identify security weaknesses in systems. While the Windows Update tool can help keep the system patched, it does not actively search for vulnerabilities. Checking MITRE.org can provide information on CVEs, but it does not offer direct scanning capabilities. Creating a disk image of a clean installation does not assist in identifying existing vulnerabilities.