In response to an audit finding, a company's Chief Information Officer (CIO) instructed the security department to increase the security posture of the vulnerability management program. Currently, the company's vulnerability management program has the following attributes:
It is unauthenticated.
It is at the minimum interval specified by the audit framework.
It only scans well-known ports.
Which of the following would BEST increase the security posture of the vulnerability management program?
A. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.
B. Expand the ports being scanned to include all ports. Keep the scan interval at its current level. Enable authentication and perform credentialed scans.
C. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Continue unauthenticated scanning.
D. Continue scanning the well-known ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.
It is unauthenticated.
It is at the minimum interval specified by the audit framework.
It only scans well-known ports.
Which of the following would BEST increase the security posture of the vulnerability management program?
A. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.
B. Expand the ports being scanned to include all ports. Keep the scan interval at its current level. Enable authentication and perform credentialed scans.
C. Expand the ports being scanned to include all ports. Increase the scan interval to a number the business will accept without causing service interruption. Continue unauthenticated scanning.
D. Continue scanning the well-known ports. Increase the scan interval to a number the business will accept without causing service interruption. Enable authentication and perform credentialed scans.