August 20, 2021 by Admin
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?
- Use a scan tool like Nessus
- Use the built-in Windows Update tool
- Check MITRE.org for the latest list of CVE findings
- Create a disk image of a clean Windows installation
Explanation:
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools.
The Nessus server is currently available for Unix, Linux and FreeBSD. The client is available for Unix- or Windows-based operating systems.
Note: Significant capabilities of Nessus include:
– Compatibility with computers and servers of all sizes.
– Detection of security holes in local or remote hosts.
– Detection of missing security updates and patches.
– Simulated attacks to pinpoint vulnerabilities.
– Execution of security tests in a contained environment.
– Scheduled security audits.