Vulnerability scanning concepts

A vulnerability scanner is a passive scanner that identifies vulnerabilities or weaknesses on a system. For example, there could be missing updates for the operating system, anti-virus solutions, or there could be only one administrator account on the system. Microsoft has a vulnerability scanning tool called the Microsoft Baseline Security Analyzer (MBSA). A zero-day exploit cannot be traced by a vulnerability scanner because it has not yet been identified and has no updates or patches available.

Let's look at the type of output a vulnerability scanner could produce:

  • False positive: A false positive is where the scan believes that there is a vulnerability, but when you physically check, it is not there.
  • False negative ...
