Exam CS0-003 topic 1 question 42 discussion

According to Jason Dion, agent based scans are always credentialed…

The correct answer is: C. Agent-based scanning Explanation: Agent-based scanning involves installing lightweight agents on endpoints that can perform vulnerability scans locally and report the results back to a central system. This method reduces the need for the security team to have direct access to sensitive systems, since the agent operates within the system’s own security context. It also provides accurate and comprehensive results because it has local visibility into the system.

My intuitive answer was as well A, but there is an important difference: a local Agent does not require a centralised privileged account to be stored within the security team. Now an Agent in itself is also a very direct access, but depending on the capabilities this could be of limited and managed impact. In the end (in real life) it is a balance between access and quality of scan results that needs to be taken into account. A risk analysis would determine the best approach...

Credentialed network scanning. Here's the reasoning: Increased Accuracy: Credentialed scanning allows the vulnerability scanner to log in to the target systems using provided credentials. This approach typically results in more comprehensive and accurate vulnerability detection, as it provides insights into configuration issues and vulnerabilities that may not be visible via non-credentialed

You dont need to touch the system at all

B: Passive scanning has the least amount of access to the system. It doesn't require credentials or installation. The most popular answer is C (agent-based scanning), but that requires an instance being installed on a host (this is access), therefore, it's not the correct answer.

Answer: C Explanation: Agent-based scanning is a method that involves installing software agents on the target systems or networks that can perform local scans and report the results to a central server or console. Agent- based scanning can reduce the access to systems, as the agents do not require any credentials or permissions to scan the local system or network. Agent-based scanning can also provide the most accurate vulnerability scan results, as the agents can scan continuously or on-demand, regardless of the system or network status or location.

Accuracy of results: Credentialed scans give security teams the necessary level of access to a system, just like any normal user, which allows for a more detailed and accurate examination of vulnerabilities than unauthenticated scans that only provide external visibility into a system.

this is a dumb question... the answers are awful. i have to go with B. passive scanning... agent based has nothing to with this... credentialed scanning just means youre using credentials within your scan. usually from a service account. this helps get more detailed information from the asset. security analyst have to be trusted with sensitive data/information or else they can not perform their duties.

“ there are concerns about granting the security team access to sensitive data” specifically says no to A. Credentialed. Answers C. Agent-based scanning

Agent BASED SCANNING ITS THE RIGHT ANSWER

The answer here is A, credentialed based scans provide the most accurate detail during a scan.

Só a C impede o compartilhamento de senhas e acessos aos ambientes.

ANSWER C: Because the exam objectives teaches us to have a single pane of glass solution and THAT verbiage holds true here >>> "involves installing software agents on the target systems or networks that can perform local scans and report the results to a central server or console.

It's C. Agent based scanning will prevent sharing credentials and accurate results

This is clearly Agent-based scanning.

the answer is C since don't want to share access to sensitive data.