A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?
A. Vulnerability scanning
B. Penetration testing
C. Application fuzzing
D. User permission auditing
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
Since it mentions “unpatched systems” and not “unpatched software, I assume that they are indicating that a non-credential scan will suffice. If that is true then no penetration is necessary and the rest of the question is confusing filler. My guess is Vulnerability scanning.