Certified Ethical Hacker (CEH v13) — Question 255

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Answer options

• A. Use the built-in Windows Update tool
• B. Use a scan tool like Nessus
• C. Check MITRE.org for the latest list of CVE findings
• D. Create a disk image of a clean Windows installation

Correct answer: B

Explanation

Using a scan tool like Nessus is the best approach because it is specifically designed to identify vulnerabilities in systems. While Windows Update helps keep software up to date, it does not actively scan for vulnerabilities. Checking MITRE.org for CVEs provides valuable information but does not directly assess the system. Creating a disk image is unrelated to vulnerability discovery as it merely replicates the existing state of the system.