Which assessment type involves obtaining credentials of all machines in the network to perform the assessment?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which assessment type involves obtaining credentials of all machines in the network to perform the assessment?

Explanation:
Credentialed assessment is the approach that uses logon credentials for each machine in the network to perform the test. By having valid credentials, you can log into every host and run checks with the same access level as a legitimate user (often with administrator rights), which lets you inventory and assess things that aren’t visible from outside the machine.

This enables deep visibility into configurations, patch status, installed software, user rights and permissions, service configurations, registry settings, password policies, and potential misconfigurations. Because you’re operating with authenticated access, you can identify issues that non-credentialed (external) assessments would miss, such as in-depth configuration flaws, weak local policies, and privilege-related weaknesses.

In contrast, non-credentialed assessments rely only on what can be seen from the network perimeter and may miss internal weaknesses. Automated versus manual describes how the testing is performed, not whether credentials are used. So using credentials for all machines is what makes the assessment credentialed.
