A vulnerability scanner that uses its running service's access level to better assess vulnerabilities across multiple assets within an organization is performing a:
Click on the arrows to vote for the correct answer
A. B. C. D.A.
The correct answer is A. Credentialed scan.
A vulnerability scanner is a software tool that identifies vulnerabilities in computer systems, applications, and networks. It does this by scanning a target system, identifying open ports and services, and probing for vulnerabilities. A vulnerability scanner can perform different types of scans, including non-intrusive scans, passive scans, credentialed scans, and privilege escalation tests.
A credentialed scan is a type of scan that uses administrative or privileged credentials to access a target system and gather information about its configuration and settings. With privileged access, the scanner can better assess vulnerabilities and identify misconfigurations that might not be detected with a non-privileged scan. For example, a credentialed scan can identify outdated software versions, insecure user account settings, or missing security patches.
In contrast, a non-intrusive scan is a type of scan that does not attempt to access the target system's internals or exploit vulnerabilities. It relies on passive techniques such as port scanning and fingerprinting to gather information about the target system. Non-intrusive scans are generally safer and less disruptive but may miss some vulnerabilities that require active probing.
A privilege escalation test is a type of scan that attempts to exploit vulnerabilities to gain higher levels of access to a target system. It is a more aggressive form of testing that carries a higher risk of disruption or damage to the system being scanned.
A passive scan is a type of scan that monitors network traffic and collects information without actively probing or interacting with the target system. Passive scans are often used for monitoring and intrusion detection, but they may miss some vulnerabilities that require active probing.
In summary, a vulnerability scanner that uses its running service's access level to better assess vulnerabilities across multiple assets within an organization is performing a credentialed scan.