Exam CS0-002 topic 1 question 67 discussion

Actual exam question from CompTIA's CS0-002
Question #: 67
Topic #: 1

A security analyst is scanning the network to determine if a critical security patch was applied to all systems in an enterprise. The organization has a very low tolerance for risk when it comes to resource availability. Which of the following is the BEST approach for configuring and scheduling the scan?

  • A. Make sure the scan is credentialed, covers all hosts in the patch management system, and is scheduled during business hours so it can be terminated if it affects business operations.
  • B. Make sure the scan is uncredentialed, covers all hosts in the patch management system, and is scheduled during off-business hours so it has the least impact on operations.
  • C. Make sure the scan is credentialed, has the latest software and signature versions, covers all external hosts in the patch management system, and is scheduled during off-business hours so it has the least impact on operations.
  • D. Make sure the scan is credentialed, uses a limited plug-in set, scans all host IP addresses in the enterprise, and is scheduled during off-business hours so it has the least impact on operations.
Suggested Answer: D

Comments

MortG7
Highly Voted 2 years, 6 months ago
C. Make sure the scan is credentialed, has the latest software and signature versions, ***covers all external hosts in the patch management system***, and is scheduled during off-business hours so it has the least impact on operations.

D. Make sure the scan is credentialed, uses a limited plug-in set, ***scans all host IP addresses in the enterprise***, and is scheduled during off-business hours so it has the least impact on operations.

They want to cover all hosts in the enterprise, NOT only external to the patch management system. I am going with D.
upvoted 9 times
SniipZ
Highly Voted 3 years, 10 months ago
D is correct. To check for a critical patch, only a few plugins are needed to save time and resources. Also, the question mentioned that all systems should be scanned. I am not really sure though, but I think all hosts in the patch management system are not really all hosts in the enterprise. So I am going for D here definitely.
upvoted 6 times
Pen88
3 years, 6 months ago
Yes, and the question says that the organization has limited resources, so a few plugins will work.
upvoted 2 times
STELLO
3 years, 5 months ago
Low tolerance for risk when it comes to resource availability, not limited resources. This is a case with Amazon, where non-availability is a major issue; that is why they operate on six 9's. The indicator with this statement is that the scan should be done at non-business hours so as not to disrupt business, which eliminates option A.
upvoted 3 times
rayaMooo_Socket2
3 years, 5 months ago
Yes, scanning all IPs within the network provides a logical topology. I agree, D.
upvoted 3 times
Anaser
Most Recent 2 years ago
B. Make sure the scan is uncredentialed, covers all hosts in the patch management system, and is scheduled during off-business hours so it has the least impact on operations. Scanning during business hours with a credentialed scan can impact resource availability and potentially cause operational disruptions. An uncredentialed scan can still identify if a system is missing a critical security patch and is less intrusive. Scheduling the scan during off-business hours minimizes the impact on operations. It's also important to ensure that all hosts in the patch management system are covered to ensure comprehensive coverage.
upvoted 1 times
2Fish
2 years, 1 month ago
Selected Answer: D
D is correct. "...if a critical security patch" = "uses a limited plug-in set"
upvoted 1 times
david124
2 years, 5 months ago
D it is.
upvoted 1 times
miabe
2 years, 8 months ago
Selected Answer: D
looks good to me
upvoted 2 times
Manpreet3096
3 years, 1 month ago
I would like to go for D as it needs to scan the IPs.
upvoted 2 times
VinciTheTechnic1an
3 years, 3 months ago
I would go for D, as the question pertains to the network, so it has to scan the IP blocks.
upvoted 4 times
STELLO
3 years, 5 months ago
I would go with C since all systems critical path need to be scanned. Limiting some plug-ins might leave some vulnerabilities undetected, and since this is done during off-business hours it is best to utilize all effort. See: https://www.tenable.com/blog/4-best-practices-for-credentialed-scanning-with-nessus
upvoted 3 times
Manoj1996
2 years, 9 months ago
They said to look for a specific patch.
upvoted 2 times
Davar39
2 years, 10 months ago
In addition to what SniipZ replied, answer C covers only the systems that are included in the patch management.
upvoted 1 times
AndreaO
3 years, 10 months ago
C and D appear correct, but "...to determine if a critical security patch was applied to all systems in an enterprise." would imply a limited plug-in set. Thus D seems to be more correct than C.
upvoted 1 times
mcNik
3 years, 11 months ago
I am wondering between C and D, but this "uses a limited plugin set" makes me think actually D might be correct.
upvoted 3 times
lonestarnj
3 years, 10 months ago
I agree, tough to choose between C and D. I would also go with D.
upvoted 2 times
mcNik
3 years, 10 months ago
Well, I am actively using such scans. If you need to scan a particular thing, you need just a few plugins, which will reduce the impact N times.
upvoted 7 times