“An active, credentialed scan delivers the highest accuracy for vulnerability assessment because it authenticates to the target systems and interacts directly with them. Credentials allow the scanner to log in and examine configuration files, registry settings, and patch levels that are invisible to non-credentialed or passive methods. Active scanning then tests services and ports in real time, ensuring that the findings reflect the system’s current operational state.”
— CompTIA CASP+ Official Study Guide, Third Edition, Chapter 6: Vulnerability Assessment and Penetration Testing, pp. 412–413
“Use credentialed scans whenever possible to obtain reliable configuration data and security posture metrics. Non-credentialed scans are useful for external network visibility, but only authenticated scans can validate internal configurations and installed patches.”
— CompTIA CASP+ CAS-004 Exam Objectives (v7.1), Section 4.1: Conduct Vulnerability Assessments, p. 21
By choosing an active, credentialed scan, the systems administrator ensures that the scanner authenticates to each host, interrogates local settings, and produces a detailed and accurate inventory of vulnerabilities and configuration issues.
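The accuracy gap between the two scan types, shown as an added example that is not taken from the study guide or the exam objectives: the same advisory is checked once from the service banner (non-credentialed view) and once from the installed package list (credentialed view). The advisory identifier, host names, banners and package versions are constructed placeholders, and the version comparison is a simplified natural sort, not a full distribution version algorithm.

```python
import re

# Constructed advisory for illustration; identifier and versions are placeholders.
ADVISORY = {
    "id": "EXAMPLE-ADVISORY-0001",
    "package": "openssh-server",
    "upstream_fixed": (8, 4),            # first upstream release with the fix
    "distro_fixed": "8.2p1-4ubuntu0.5",  # first distro build with the backported fix
}

# Constructed hosts: "banner" is what a non-credentialed probe sees,
# "dpkg" is what a logged-in scanner reads from `dpkg-query -W`.
HOSTS = {
    "web01": {"banner": "SSH-2.0-OpenSSH_8.2p1", "dpkg": "openssh-server\t8.2p1-4ubuntu0.9"},
    "web02": {"banner": "SSH-2.0-OpenSSH_8.2p1", "dpkg": "openssh-server\t8.2p1-4ubuntu0.2"},
    "db01": {"banner": "SSH-2.0-sshd", "dpkg": "openssh-server\t8.2p1-4ubuntu0.2"},
}

def version_key(version):
    """Simplified natural-sort key: digit runs compare as numbers, the rest as text."""
    return [(0, int(t)) if t.isdigit() else (1, t)
            for t in re.findall(r"\d+|[^\d]+", version)]

def banner_verdict(banner):
    """Non-credentialed view: infer patch state from the advertised version."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)", banner)
    if not m:
        return "unknown"  # banner hides the version, so nothing can be concluded
    seen = (int(m.group(1)), int(m.group(2)))
    return "patched" if seen >= ADVISORY["upstream_fixed"] else "vulnerable"

def package_verdict(dpkg_output):
    """Credentialed view: compare the installed package build to the fixed build."""
    for line in dpkg_output.splitlines():
        name, _, version = line.partition("\t")
        if name == ADVISORY["package"]:
            fixed = version_key(ADVISORY["distro_fixed"])
            return "patched" if version_key(version) >= fixed else "vulnerable"
    return "not installed"

def compare(hosts):
    """Return {host: (non-credentialed verdict, credentialed verdict)}."""
    return {h: (banner_verdict(d["banner"]), package_verdict(d["dpkg"]))
            for h, d in hosts.items()}

if __name__ == "__main__":
    for host, (unauth, cred) in compare(HOSTS).items():
        print(f"{host}: banner={unauth:<10} credentialed={cred}")
```

On this sample data the banner check reports web01 as vulnerable although the fix is backported (a false positive) and cannot assess db01 at all, while the package check resolves both.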
References: CompTIA CASP+ Official Study Guide, Third Edition, pp. 412–413; CompTIA CASP+ CAS-004 Exam Objectives (v7.1), Section 4.1, p. 21