GIAC Security Essentials Certification (GSEC) — Question 23

Validating which vulnerabilities in a network environment are able to be exploited by an attacker is called what?

Answer options

• A. Anomaly detection
• B. Vulnerability scanning
• C. Perimeter assessment
• D. Penetration testing

Correct answer: B

Explanation

The correct answer is Vulnerability scanning, which involves identifying potential security flaws that could be exploited. Anomaly detection focuses on identifying unusual behavior rather than assessing vulnerabilities. Perimeter assessment evaluates the security of the network's outer defenses, while penetration testing simulates attacks to exploit those vulnerabilities rather than just identifying them.