Your coworker is out sick due to an illness. In his absence you have received the results of a vulnerability scan he ordered from an external provider. Unfortunately your coworker did not give you any information on what type of scan was conducted or what methods were used. The results show that 3 injection vulnerabilities were identified but are only possible when attempted from an authenticated user account. Based on the information you have, what type of vulnerability scan was most likely completed?

  • Non-intrusive
  • Gray box
  • Intrusive
  • Credentialed

CompTIA Security+ SY0-501
  • Threats, Attacks and Vulnerabilities
    • This question is filed here
  • Technologies and Tools
  • Architecture and Design
  • Identity and Access Management
  • Risk Management
  • Cryptography and PKI