Exam SY0-501 topic 1 question 737 discussion

Actual exam question from CompTIA's SY0-501

Question #: 737
Topic #: 1

[All SY0-501 Questions]

Which of the following is the MOST significant difference between intrusive and non-intrusive vulnerability scanning?

A. One uses credentials, but the other does not.
B. One has a higher potential for disrupting system operations.
C. One allows systems to activate firewall countermeasures.
D. One returns service banners, including running versions.

Show Suggested Answer

Suggested Answer: B 🗳️

by Azo_4952 at Oct. 7, 2020, 2:32 a.m.

Comments

Submit Cancel

Azo_4952

Highly Voted 4 years, 6 months ago

An intrusive test tries to exercise the vulnerability, which can crash or alter the remote target. A non-intrusive test tries not to cause any harm to the target. ... A vulnerability scanner such as Nessus (see Nessus) differs from a penetration tool by the manner in which it exploits vulnerabilities.

upvoted 7 times

...

Sugarbear_01

Most Recent 4 years ago

B. One has a higher potential for disrupting system operations. A vulnerability scanner can execute intrusive or nonintrusive tests. An intrusive test tries to exercise the vulnerability, which can crash or alter the remote target. A non-intrusive test tries not to cause any harm to the target. The test usually consists of checking the remote service version, or checking whether the vulnerable options are enabled.

upvoted 3 times

...

Exam SY0-501 All Questions

View all questions & answers for the SY0-501 exam

Exam SY0-501 topic 1 question 737 discussion

Comments

Azo_4952

Sugarbear_01

SY0-701