When a security analyst prepares for the formal security assessment, what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?
To identify inconsistencies in secure asset records and confirm that systems meet baseline security standards, vulnerability scanning and checking data items (e.g., configuration settings, software versions) is essential. This helps the analyst discover gaps between expected and actual system states.
“Automated vulnerability scanners and asset inventories help validate that systems are compliant with security baselines.”
[Reference: CEH v13 Study Guide, Section on Security Assessment Planning., ==============================================================, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit