An analyst is using a vulnerability scanner to look for common security misconfigurations on devices.
Which of the following might be identified by the scanner? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.AE.
The vulnerability scanner is designed to identify security weaknesses or vulnerabilities in a system, software or network. When a vulnerability scanner is used, it performs automated tests against various aspects of the system, including the operating system, network services, installed software, and configurations, looking for any known vulnerabilities. Based on the results of these tests, the scanner can identify misconfigurations that could potentially lead to a security breach or exploitation.
Out of the given options, the two that might be identified by the vulnerability scanner are:
A. The firewall is disabled on workstations: Firewalls act as a security barrier between the internal network and the internet. If a workstation's firewall is disabled, it could be vulnerable to external attacks, such as malware or hacking attempts. The vulnerability scanner can identify this misconfiguration and alert the security analyst to take the necessary steps to re-enable the firewall.
D. Default administrator credentials exist on networking hardware: Default administrator credentials are often used by manufacturers to facilitate initial access to networking hardware such as switches or routers. If these default credentials are not changed by the administrator, an attacker could easily gain access to the device and potentially control the entire network. The vulnerability scanner can identify this issue and recommend that the administrator change the default credentials to something stronger and more secure.
B. SSH is enabled on servers: SSH (Secure Shell) is a network protocol used for secure remote access to a server. While SSH is generally considered secure, if it is enabled with weak or default credentials, it could be vulnerable to exploitation. However, just enabling SSH on a server is not necessarily a misconfiguration, so it is not clear whether the vulnerability scanner would flag this as a potential issue.
C. Browser homepages have not been customized: This is not a security issue and is simply a matter of user preference. The vulnerability scanner is unlikely to identify this as a security risk.
E. The OS is only set to check for updates once a day: While this could be a security concern if there are critical security updates that need to be installed immediately, it is not necessarily a misconfiguration. Therefore, the vulnerability scanner may not identify this as a potential issue.
In summary, the vulnerability scanner is likely to identify misconfigurations such as disabled firewalls and default administrator credentials on networking hardware, while custom browser homepages and OS update settings are not security concerns. SSH being enabled on a server is not necessarily a misconfiguration, but the scanner may flag it if there are weak or default credentials associated with it.