PrepAway - Latest Free Exam Questions & Answers

Which of the following would be the BEST assessment for…

An administrator is concerned that a company’s web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?

A. Vulnerability scan

B. Risk assessment

C. Virus scan

D. Network sniffer

Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. Vulnerabilities include computer systems that do not have the latest security patches installed.
The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve any vulnerabilities.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network’s security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.
Incorrect Answers:
B: A risk assessment is the process of determining risk. A risk assessment alone would not determine if a web server has been patched. A vulnerability scan should be performed first. The results of the vulnerability scan can then be used in a risk assessment. Therefore, this answer is incorrect.
C: A virus scan will scan a computer for known viruses. It is not used to determine if a system has been patched. Therefore, this answer is incorrect.
D: A network sniffer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. It is not used to determine if a system has been patched. Therefore, this answer is incorrect.

http://www.webopedia.com/TERM/V/vulnerability_scanning.html

