From the course: CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Passive vulnerability scanning

Passive vulnerability scanning

From the course: CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)

Start my 1-month free trial

Passive vulnerability scanning

- [Instructor] When we think of vulnerability scanning, we most often think of active tools that reach out to targeted systems and scan them for vulnerabilities by probing open ports and sending specially crafted requests. This approach, known as active vulnerability scanning, is certainly the most common way to perform a vulnerability scan. Active vulnerability scanning is thorough and helps simulate the activity of a real attacker. But active vulnerability scanning also has some drawbacks. It is noisy and it will likely be detected by the administrators of scanned systems. This might not be a big deal in an environment where administrators are aware of security testing, but it can be quite problematic if the scan is meant to be stealthy. Active scanning also has the potential to accidentally exploit vulnerabilities and interfere with the functioning of production systems. While scanners have settings that you can use…

Contents