A network-based vulnerability assessment is a type of test also referred to as:

A.
An active vulnerability assessment.

B.
A routing vulnerability assessment.

C.
A host-based vulnerability assessment.

D.
A passive vulnerability assessment.

Explanation:
An Intrusion Detection System (IDS) typically follows a two-step process. First procedures include inspection of
the configuration files of a system to detect inadvisable settings; inspection of the password files to detect
inadvisable passwords; and inspection of other system areas to detect policy violations.
In a second step, procedures are network-based and considered an active component; mechanisms are set in
place to reenact known methods of attack and to record system responses.
Incorrect Answers:
B: A network-based vulnerability assessment is referred to as an active vulnerability assessment, not a routing
vulnerability assessment.
C: A network-based vulnerability assessment is referred to as an active vulnerability assessment, not a hostbased vulnerability assessment.
D: A network-based vulnerability assessment is referred to as an active vulnerability assessment, not a passive
vulnerability assessment.