bundle

50%

You are here: Home > CompTIA Exam Questions > SY0-401 (v.5) > Which of the following BEST represents the goal of a vulnerability assessment?

PrepAway - Latest Free Exam Questions & Answers

Which of the following BEST represents the goal of a vulnerability assessment?

seenagapeNovember 10, 2016

Which of the following BEST represents the goal of a vulnerability assessment?

PrepAway - Latest Free Exam Questions & Answers

A.
To test how a system reacts to known threats

B.
To reduce the likelihood of exploitation

C.
To determine the system’s security posture

D.
To analyze risk mitigation strategies

Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and
vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary
actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as
missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of
computing systems in a network in order to determine if and where a system can be exploited and/or
threatened. While public servers are important for communication and data transfer over the Internet,
they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known
flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an
individual or an enterprise can use to tighten the network’s security.
Incorrect Answers:
A: A vulnerability scan is used to determine whether a system is vulnerable to known threats. It is not
used to test how a system reacts to the known threats.
B: A vulnerability scan is used to determine whether a system is vulnerable to known threats. By
determining the existence of vulnerabilities, we can reduce the likelihood of the system being exploited.
However, we first need to determine the existence of the vulnerabilities.
D: A vulnerability scan is used to determine whether a system is at risk from known threats. After
determining the risk, we can develop a risk mitigation strategy. However it is not the purpose of the
vulnerability scan to analyze the risk mitigation strategies.
http://www.webopedia.com/TERM/V/vulnerability_scanning.html

Leave a Reply Cancel reply

You must be logged in to post a comment.

Move Up