The correct answer is B and E. An agent-based scan and a credentialed scan can help verify if the vulnerability related to outdated web-server software is a true positive with the least effort and cost.
An agent-based scan is a type of vulnerability scan that uses software agents installed on the target systems to collect and report data on vulnerabilities. This method can provide more accurate and detailed results than a network-based scan, which relies on network traffic analysis and probes1. An agent-based scan can also reduce the network bandwidth and performance impact of scanning, as well as avoid triggering false alarms from intrusion detection systems2.
A credentialed scan is a type of vulnerability scan that uses valid login credentials to access the target systems and perform a more thorough and comprehensive assessment of their configuration, patch level, and vulnerabilities. A credentialed scan can identify vulnerabilities that are not visible or exploitable from the network level, such as missing updates, weak passwords, or misconfigured services3. A credentialed scan can also reduce the risk of false positives and false negatives, as well as avoid causing damage or disruption to the target systems3.
A network-based scan, a port scan, a red-team exercise, a blue-team exercise, and unknown environment penetration testing are not the best options to verify if the vulnerability is a true positive with the least effort and cost. A network-based scan and a port scan may not be able to detect the vulnerability if it is not exposed or exploitable from the network level. A red-team exercise, a blue-team exercise, and unknown environment penetration testing are more complex, time-consuming, and costly methods that involve simulating real-world attacks or defending against them. These methods are more suitable for testing the overall security posture and resilience of an organization, rather than verifying a specific vulnerability4.
