Which assessment type involves obtaining credentials of all machines in the network to perform the assessment?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which assessment type involves obtaining credentials of all machines in the network to perform the assessment?

Explanation:
Credentialed assessment is the approach that uses logon credentials for each machine in the network to perform the test. By having valid credentials, you can log into every host and run checks with the same access level as a legitimate user (often with administrator rights), which lets you inventory and assess things that aren’t visible from outside the machine. This enables deep visibility into configurations, patch status, installed software, user rights and permissions, service configurations, registry settings, password policies, and potential misconfigurations. Because you’re operating with authenticated access, you can identify issues that non-credentialed (external) assessments would miss, such as in-depth configuration flaws, weak local policies, and privilege-related weaknesses. In contrast, non-credentialed assessments rely only on what can be seen from the network perimeter and may miss internal weaknesses. Automated versus manual describes how the testing is performed, not whether credentials are used. So using credentials for all machines is what makes the assessment credentialed.

Credentialed assessment is the approach that uses logon credentials for each machine in the network to perform the test. By having valid credentials, you can log into every host and run checks with the same access level as a legitimate user (often with administrator rights), which lets you inventory and assess things that aren’t visible from outside the machine.

This enables deep visibility into configurations, patch status, installed software, user rights and permissions, service configurations, registry settings, password policies, and potential misconfigurations. Because you’re operating with authenticated access, you can identify issues that non-credentialed (external) assessments would miss, such as in-depth configuration flaws, weak local policies, and privilege-related weaknesses.

In contrast, non-credentialed assessments rely only on what can be seen from the network perimeter and may miss internal weaknesses. Automated versus manual describes how the testing is performed, not whether credentials are used. So using credentials for all machines is what makes the assessment credentialed.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy