Certified Ethical Hacker (CEH v13) — Question 235

A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors.
What is the type of vulnerability assessment performed by Martin?

Answer options

• A. Database assessment
• B. Host-based assessment
• C. Credentialed assessment
• D. Distributed assessment

Correct answer: B

Explanation

The correct answer is B, Host-based assessment, because Martin evaluated the vulnerabilities associated with a specific system that is directly managed and used by users. The other options do not apply; a Database assessment focuses on database security, a Credentialed assessment involves authenticated scans for deeper insights, and a Distributed assessment pertains to analyzing a network of systems rather than a single host.