Misconfiguration and missing updates: This refers to vulnerabilities resulting from improper configuration of the network or software, or failure to apply patches and updates to the network and its components. These vulnerabilities are often easy to exploit and can result in a security breach. An IS auditor should expect to see these types of vulnerabilities during a network vulnerability assessment. Security design flaws: Security design flaws refer to vulnerabilities that exist in the network's design, architecture, or configuration. These types of vulnerabilities can be challenging to identify and remediate, but they can have a significant impact on the network's security. An IS auditor should expect to see security design flaws during a network vulnerability assessment. B > A
I think questions may be based on the point of view of vulnerability assessment scanning tool.
In a vulnerabilty assessment report,we can see a lot of risk about misconfiguration and missing update.
While security design flaws can be identified during a comprehensive security review or design assessment, they are typically not the primary focus of a network vulnerability assessment. Vulnerability assessments are more concerned with identifying known issues within the current configuration and software.
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
PurpleParrot
3 months, 2 weeks ago3008
1 year, 3 months agoVictorHsu
1 year, 8 months agoCclantic
1 year, 4 months agoStaanlee
1 year, 10 months agoPurpleParrot
3 months, 2 weeks ago