Home » Isaca » CISM » Which of the following is the MOST important guideline when using software to scan for security exposures within a corporate network?
Which of the following is the MOST important guideline when using software to scan for security exposures within a corporate network?
A. Never use open source tools
B. Focus only on production servers
C. Follow a linear process for attacks
D. Do not interrupt production processes
Correct Answer: D
Explanation/Reference:
Explanation:
The first rule of scanning for security exposures is to not break anything. This includes the interruption of any running processes. Open source tools are an excellent resource for performing scans. Scans should focus on both the test and production environments since, if compromised, the test environment could be used as a platform from which to attack production servers. Finally, the process of scanning for exposures is more of a spiral process than a linear process.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
