BCS Exam CISMP-V9 Topic 1 Question 64 Discussion

Actual exam question for BCS's CISMP-V9 exam

Question #: 64
Topic #: 1

[All CISMP-V9 Questions]

What does a penetration test do that a Vulnerability Scan does NOT?

AA penetration test seeks to actively exploit any known or discovered vulnerabilities.

BA penetration test looks for known vulnerabilities and reports them without further action.

CA penetration test is always an automated process - a vulnerability scan never is.

DA penetration test never uses common tools such as Nrnap, Nessus and Metasploit.

Show Suggested Answer

Suggested Answer: B

by Linn at Nov 22, 2023, 01:28 PM

Limited Time Offer

25%

Off

Get Premium CISMP-V9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Leota

29 days ago

Hey, at least the vulnerability scan doesn't end up setting the office on fire. That's the kind of excitement I'm happy to miss out on.

upvoted 0 times

...

Onita

30 days ago

Vulnerability scans never exploit vulnerabilities? Guess the vendors of those tools didn't get the memo. Time to send them a strongly worded email.

upvoted 0 times

...

Gertude

1 months ago

A penetration test is always automated? Oh boy, someone should tell the ethical hackers about that. They might be doing it wrong.

upvoted 0 times

Moon

9 days ago

B) A penetration test looks for known vulnerabilities and reports them without further action.

upvoted 0 times

...

Lindsay

15 days ago

A) A penetration test seeks to actively exploit any known or discovered vulnerabilities.

upvoted 0 times

...

Zena

1 months ago

Wait, Nrnap? I think you meant Nmap. Vulnerability scans can definitely use common tools like Nmap and Nessus.

upvoted 0 times

...

2 months ago

I think a penetration test actively exploits vulnerabilities.

upvoted 0 times

...