Vulnerability Scan Results: Importance of Control-Baseline Endpoint

Confirming Results with Control-Baseline Endpoint

Question

During a review of vulnerability scan results, an analyst determines the results may be flawed because a control-baseline system, which is used to evaluate a scanning tool's effectiveness, was reported as not vulnerable.

Consequently, the analyst verifies the scope of the scan included the control-baseline host, which was available on the network during the scan.

The use of a control-baseline endpoint in this scenario assists the analyst in confirming:

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

A.

The use of a control-baseline endpoint in vulnerability scanning helps the analyst to confirm false negatives.

A false negative occurs when a scanning tool fails to detect a vulnerability that exists in a system. In this scenario, the analyst suspects that the vulnerability scan results may be flawed because the control-baseline system, which should have shown up as vulnerable, was not detected as such.

To confirm whether the vulnerability scan results are accurate or not, the analyst verifies the scope of the scan to ensure that it included the control-baseline host. If the control-baseline system was available on the network during the scan, it should have been detected as vulnerable if the scanning tool was working correctly.

Therefore, if the control-baseline system is not detected as vulnerable, it would indicate that the scanning tool is not effective in detecting vulnerabilities. This would be a false negative, and the use of a control-baseline endpoint would assist the analyst in confirming this.

Hence, the correct answer to this question is C. false negatives.