ExpertMedium1 markMultiple Choice
CPA · Question 51 · Area II: Security
What is the primary difference between Vulnerability Scanning and Penetration Testing?
What is the primary difference between Vulnerability Scanning and Penetration Testing?
Answer options:
A.
Vulnerability scanning is manual; Penetration testing is automated.
B.
Vulnerability scanning is automated and identifies potential weaknesses; Penetration testing is manual and attempts to exploit them.
C.
Vulnerability scanning is only for internal networks.
D.
Penetration testing does not require authorization.
How to approach this question
Scan = Look. Pen Test = Attack.
Full Answer
B.Vulnerability scanning is automated and identifies potential weaknesses; Penetration testing is manual and attempts to exploit them.✓ Correct
Vulnerability scans are automated checks for known issues. Pen tests involve human intelligence to chain vulnerabilities and exploit them to prove risk.
Common mistakes
Using the terms interchangeably.
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy