A security auditor is reviewing vulnerability scan data provided by an internal security team.
Which of the following BEST indicates that valid credentials were used?
A.
The scan results show open ports, protocols, and services exposed on the target host B.
The scan enumerated software versions of installed programs C.
The scan produced a list of vulnerabilities on the target host D.
The scan identified expired SSL certificates.
B.
A security auditor is reviewing vulnerability scan data provided by an internal security team.
Which of the following BEST indicates that valid credentials were used?
A.
The scan results show open ports, protocols, and services exposed on the target host
B.
The scan enumerated software versions of installed programs
C.
The scan produced a list of vulnerabilities on the target host
D.
The scan identified expired SSL certificates.
B.
When conducting a vulnerability scan, the use of valid credentials is important as it can provide the scanner with access to additional information and system-level details that would otherwise not be available through a non-authenticated scan. For example, an authenticated scan can provide detailed information about installed software, missing patches, and system configuration settings.
Given this scenario, if the scan data indicates that software versions of installed programs were enumerated, it would indicate that valid credentials were used. Option B is the correct answer.
Option A is not the best answer because open ports, protocols, and services exposed on the target host can be detected through a non-authenticated scan. While an authenticated scan can provide additional information about these ports and services, this alone does not indicate whether or not valid credentials were used.
Option C is also not the best answer because the scan producing a list of vulnerabilities on the target host does not necessarily mean that valid credentials were used. Vulnerabilities can be detected through both authenticated and non-authenticated scans.
Option D is also not the best answer because identifying expired SSL certificates does not necessarily require the use of valid credentials. This can be detected through a non-authenticated scan.