Certified Ethical Hacker (CEH v12) — Question 12
A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors.
What is the type of vulnerability assessment performed by Martin?
Answer options
- A. Database assessment
- B. Host-based assessment
- C. Credentialed assessment
- D. Distributed assessment
Correct answer: B
Explanation
The correct answer is B, Host-based assessment, as it focuses on evaluating vulnerabilities on individual systems. The other options do not apply because a database assessment is specific to databases, a credentialed assessment involves authenticated scans that check for vulnerabilities, and a distributed assessment pertains to multiple systems spread across a network.