What is the primary difference between Vulnerability Scanning and Penetration Testing?

Answer options:

Vulnerability scanning is manual; Penetration testing is automated.

Vulnerability scanning is automated and identifies potential weaknesses; Penetration testing is manual and attempts to exploit them.

Vulnerability scanning is only for internal networks.

Penetration testing does not require authorization.

How to approach this question

Scan = Look. Pen Test = Attack.

Full Answer

B.Vulnerability scanning is automated and identifies potential weaknesses; Penetration testing is manual and attempts to exploit them.✓ Correct

Vulnerability scanning is automated and identifies potential weaknesses; Penetration testing is manual and attempts to exploit them.

Vulnerability scans are automated checks for known issues. Pen tests involve human intelligence to chain vulnerabilities and exploit them to prove risk.

Common mistakes

Using the terms interchangeably.

Question 50 All questions Question 52

Practice the full CPA ISC Practice Exam 5

82 questions · hints · full answers · grading

More questions from this exam

Q01A service organization provides a cloud-based payroll processing application to its user entities...Medium Q02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...Hard Q03A financial institution requires a cloud deployment model that offers the highest level of contro...Medium Q04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...Medium Q05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy

View all 82 questions →