TheCCST Cybersecurity Study Guidestates that vulnerability scanning is an automated process used to identify known security weaknesses in systems, software, and network devices. These scans compare system configurations and software versions against databases of known vulnerabilities, such as the Common Vulnerabilities and Exposures (CVE) list.
"A vulnerability scan is an automated test that checks systems and networks for known weaknesses by matching them against a database of vulnerabilities such as CVEs. This allows administrators to identify exploitable conditions before they are leveraged by attackers."
Bmay be part of remediation planning but is not the primary purpose.
Cis correct: Scans detect if systems have vulnerabilities associated with CVEs.
Ddescribes SIEM (Security Information and Event Management) log correlation, not vulnerability scanning.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit