CompTIA Security Plus Mock Test Q678

A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?

A. Penetration test
B. Vulnerability scan
C. Load testing
D. Port scanner


Correct Answer: B
Section: Threats and Vulnerabilities

Explanation:
A vulnerability scan is the process of scanning the network and/or IT infrastructure for threats and vulnerabilities. The threats and vulnerabilities found are then evaluated in a risk assessment and the necessary actions taken to resolve any vulnerabilities. A vulnerability scan looks for known weaknesses, such as missing patches or security updates, and does not try to exploit them, which is why it has much less impact on a running system than a penetration test. Scanners still generate traffic and a few checks can upset fragile services, so during working hours a practitioner would run the scan with only non-intrusive ("safe") checks enabled.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.

Incorrect Answers:
A: Penetration testing evaluates an organization's ability to protect its networks, applications, computers and users from attempts to circumvent its security controls to gain unauthorized or privileged access to protected assets. A penetration test actively exploits the weaknesses it finds, so it has far more impact on the system than a vulnerability scan and is not something to run against applications while they are being used by the most people.
C: Load testing is the process of adding 'load' to a system to test or measure how much load the system can take and continue to function. An example of a load test would be using software to simulate many users (possibly thousands) simultaneously accessing the corporate website to ensure that the web server can continue to function under the load. Load testing is not used to test the lack of security controls for applications, and deliberately adding load during peak hours is the opposite of least impact.
D: A port scanner is typically a software application used to scan a system such as a computer or firewall for open ports. A malicious user would attempt to access a system through an open port. A security administrator would compare the list of open ports against a list of ports that need to be open so that unnecessary ports can be closed, thus reducing the exposure of the system. A port scanner only reports which ports are open; it does not check whether the application behind a port is missing patches or controls, so it is not used to test the lack of security controls for applications.
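To make the difference between answers B and D concrete, here is an added example (not code from the original mock-test page or from any scanner product). It implements the vulnerability-scan step described in the explanation: observed product versions are compared against a database of known flaws (missing patches) and reported, with no exploit traffic sent. For contrast it also produces the port-scanner view of the same hosts, which only compares open ports against an allowlist. Every host address, product name, version, advisory ID and allowlist entry below is constructed for the example and refers to no real software or advisory.

```python
"""
Minimal non-intrusive vulnerability scanner, as an illustration of the
'database of known flaws' approach described above. Added example; all data
is constructed and names no real product or advisory.
"""
from dataclasses import dataclass


def parse_version(v):
    """Turn '2.4.10' into (2, 4, 10) so versions compare numerically, not as strings
    (as strings, '2.4.9' would sort after '2.4.10')."""
    return tuple(int(part) for part in v.split("."))


@dataclass
class KnownFlaw:
    """One entry of the 'database of known flaws' the scanner matches against."""
    advisory_id: str   # constructed placeholder, not a real identifier
    product: str
    fixed_in: str      # first version that carries the patch
    severity: str


# Constructed flaw database: any version below fixed_in is considered unpatched.
FLAW_DB = [
    KnownFlaw("EXAMPLE-ADV-001", "examplehttpd", "2.4.10", "high"),
    KnownFlaw("EXAMPLE-ADV-002", "examplehttpd", "2.4.12", "medium"),
    KnownFlaw("EXAMPLE-ADV-003", "exampledb", "5.7.3", "critical"),
]

# Constructed inventory, in the form a banner grab (reading the service greeting)
# would return: host -> {port: (product, version)}. This read-only step is the
# only traffic a scan of this kind needs, which is what keeps its impact low.
OBSERVED_SERVICES = {
    "10.0.0.5": {80: ("examplehttpd", "2.4.9"),
                 3306: ("exampledb", "5.7.3"),
                 8080: ("exampleadmin", "1.0")},
    "10.0.0.6": {80: ("examplehttpd", "2.4.12")},
}

# Constructed allowlist for the port-scanner contrast: ports that should be open.
ALLOWED_PORTS = {"10.0.0.5": {80, 3306}, "10.0.0.6": {80}}


def scan_vulnerabilities(services, flaw_db=FLAW_DB):
    """Vulnerability scan: match each observed product/version against the flaw
    database and report unpatched versions. Nothing is exploited; the output is
    a findings report for a risk assessment."""
    findings = []
    for host, ports in services.items():
        for port, (product, version) in ports.items():
            for flaw in flaw_db:
                if flaw.product == product and parse_version(version) < parse_version(flaw.fixed_in):
                    findings.append({"host": host, "port": port, "product": product,
                                     "version": version, "advisory": flaw.advisory_id,
                                     "severity": flaw.severity, "fixed_in": flaw.fixed_in})
    return findings


def check_ports(services, allowed=ALLOWED_PORTS):
    """Port-scanner view: only which ports are open, compared to the allowlist.
    It says nothing about whether the application behind an allowed port is patched."""
    unexpected = []
    for host, ports in services.items():
        for port in sorted(set(ports) - allowed.get(host, set())):
            unexpected.append({"host": host, "port": port})
    return unexpected


def report(findings, unexpected):
    """Render both result sets as one plain-text report."""
    lines = [f"{f['host']}:{f['port']} {f['product']} {f['version']} "
             f"{f['advisory']} ({f['severity']}) fixed in {f['fixed_in']}" for f in findings]
    lines += [f"{u['host']}:{u['port']} open but not in allowlist" for u in unexpected]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(scan_vulnerabilities(OBSERVED_SERVICES), check_ports(OBSERVED_SERVICES)))
```

Running it reports two unpatched findings on 10.0.0.5:80 (the version is below both fixed_in thresholds), no finding for exampledb 5.7.3 because it is exactly the patched version, and one port-level finding for 8080, which the port-scanner view flags as unexpected but about which it can say nothing further. Real scanners add authenticated checks and configuration tests on top of this, but the matching logic, and the reason it is safe to run while the applications are in use, is the same.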

References:
http://www.webopedia.com/TERM/V/vulnerability_scanning.html