Disabling critical security controls, such as intrusion prevention systems, is an acceptable practice when conducting scheduled vulnerability scans to reduce the chances of skewed results.
The correct answer is false. While it may be tempting to disable security measures that could interfere with a scan, doing so can expose the network to real threats during the scan period. Instead, scans should be carefully planned, potentially using a test environment or simulation, to avoid false positives/negatives without compromising live security controls.
Learn More
AI Generated Content may display inaccurate information, always double-check anything important.
Why is it a bad idea to disable security controls during vulnerability scans?
What alternatives are there to disabling security controls during scans?
What are false positives and negatives in vulnerability scanning?