A security analyst is evaluating two vulnerability management tools for possible use in an organization.

The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server.

Tool A reported the following:

Tool B reported the following:

Which of the following BEST describes the method used by each tool? (Choose two.)

Question

A security analyst is evaluating two vulnerability management tools for possible use in an organization.

The analyst set up each of the tools according to the respective vendor's instructions and generated a report of vulnerabilities that ran against the same target server.

Tool A reported the following:

The target host (192.168.10.13) is missing the following patches:
CRITICAL KB50227328: Windows Server 2016 June 2019 Cumulative Update
CRITICAL KB50255293: Windows Server 2016 July 2019 Cumulative Update
HIGH MS19-055: Cumulative Security Update for Edge (2863871)

Tool B reported the following:

Methods GET HEAD OPTIONS POST TRACE are allowed on 192.168.10.13:80
192.168.10.13:443 uses a self-signed certificate
Apache 4.2.x < 4.2.28 Contains Multiple Vulnerabilities

Which of the following BEST describes the method used by each tool? (Choose two.)

Exam-Answer · Accepted Answer

Tool A is agent based.Tool B is unauthenticated.

Question 29 of 160 from exam CS0-002: CompTIA CySA+

Question

Answers

Explanations