
Vulnerability Scanning for CompTIA Network+ N10-009

Vulnerability scanning proactively identifies security weaknesses in network devices, servers, and applications before attackers can exploit them. CompTIA Network+ N10-009 tests vulnerability scanning concepts including scan types (authenticated vs unauthenticated), common tools, CVE/CVSS, and the difference between vulnerability scanning and penetration testing.


Vulnerability Scanning Types

Unauthenticated (non-credentialed) scan: the scanner connects to targets without login credentials — simulates what an external attacker sees. Identifies open ports, service versions, and externally visible vulnerabilities. Limited visibility — misses many internal vulnerabilities that require login access.

Authenticated (credentialed) scan: the scanner logs into target systems with privileged credentials (SSH keys, Windows domain accounts, SNMP community strings) and inspects internal configuration, installed software versions, patch status, and registry settings. More comprehensive than unauthenticated scans — finds vulnerabilities that require local access. Results have fewer false positives because the scanner reads the actual installed package version instead of inferring it from a service banner, which matters on distributions that backport fixes without changing the upstream version number. The scan credentials themselves are a high-value target: use a dedicated account with only the rights the scanner needs.

Agent-based scanning: a lightweight agent installed on each device collects vulnerability data locally and reports to the central vulnerability management console. Reaches devices a network scan cannot — laptops off the corporate network, hosts behind firewalls or NAT — because the agent gathers results locally and uploads them when it has connectivity. Provides continuous assessment rather than periodic scheduled scans, at the cost of deploying and maintaining the agent on every host.
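The following example is added here to illustrate the false-positive point above; it is not code from the page or from any scanner vendor. It models the two evidence sources side by side: an unauthenticated check that can only infer the OpenSSH version from the banner, and a credentialed check that reads the installed package version. All data is constructed — the banner, the package version, and the "fixed in" versions are hypothetical and do not refer to a real advisory. The version comparison is deliberately simplified (integers only); real scanners implement full dpkg/rpm ordering rules.

```python
import re

# Constructed data: what an unauthenticated scanner sees (the banner) versus what a
# credentialed scanner reads on the host (the installed package version).
SSH_BANNER = "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9"
INSTALLED_PACKAGE_VERSION = "1:8.2p1-4ubuntu0.9"   # shape of `dpkg-query -W openssh-server` output

# Hypothetical fix versions for a hypothetical flaw (not a real advisory):
# upstream fixed it in 9.3; the distribution backported the fix into 1:8.2p1-4ubuntu0.5.
UPSTREAM_FIXED_IN = "9.3"
DISTRO_FIXED_IN = "1:8.2p1-4ubuntu0.5"


def version_key(version: str) -> tuple[int, ...]:
    """Reduce a version string to its integer fields, e.g. '1:8.2p1-4ubuntu0.9' -> (1, 8, 2, 1, 4, 0, 9).
    Simplified for illustration; real scanners implement the full dpkg/rpm comparison rules."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def unauthenticated_check(banner: str, upstream_fixed_in: str) -> dict:
    """Banner-only check: infer the upstream version and compare it with the upstream fix."""
    match = re.search(r"OpenSSH_(\d+\.\d+(?:p\d+)?)", banner)
    if not match:
        return {"method": "unauthenticated", "vulnerable": None, "evidence": "no version in banner"}
    observed = match.group(1)
    return {
        "method": "unauthenticated",
        "vulnerable": version_key(observed) < version_key(upstream_fixed_in),
        "evidence": f"banner version {observed}, upstream fix {upstream_fixed_in}",
    }


def credentialed_check(installed: str, distro_fixed_in: str) -> dict:
    """Local check: compare the installed package version with the distribution's fixed version."""
    return {
        "method": "credentialed",
        "vulnerable": version_key(installed) < version_key(distro_fixed_in),
        "evidence": f"installed package {installed}, distro fix {distro_fixed_in}",
    }


def reconcile(unauth: dict, cred: dict) -> str:
    """Credentialed evidence is authoritative: it reads the host instead of inferring from a banner."""
    if cred["vulnerable"]:
        return "confirmed"
    if unauth["vulnerable"]:
        # Banner predates the upstream fix, but the distro package already carries the backport.
        return "false_positive"
    return "not_vulnerable"


if __name__ == "__main__":
    u = unauthenticated_check(SSH_BANNER, UPSTREAM_FIXED_IN)
    c = credentialed_check(INSTALLED_PACKAGE_VERSION, DISTRO_FIXED_IN)
    for result in (u, c):
        print(f"{result['method']:<16} vulnerable={result['vulnerable']}  ({result['evidence']})")
    print("verdict:", reconcile(u, c))
```

Run as a script, the banner-based check flags the host while the credentialed check clears it, and the verdict is false_positive. Swap in an installed version older than the distro fix and the verdict becomes confirmed, which is the case where both scan types agree and remediation is genuinely needed.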

Scanning Tools and CVE

Nessus: industry-leading commercial vulnerability scanner (Tenable). Large plugin database — identifies thousands of vulnerabilities across operating systems, applications, and network devices. OpenVAS: open-source vulnerability scanner (Greenbone). Qualys: cloud-based SaaS vulnerability management. Rapid7 InsightVM/Nexpose: enterprise vulnerability management.

CVE (Common Vulnerabilities and Exposures): the public catalog of disclosed vulnerabilities, maintained by MITRE. Each vulnerability gets a unique CVE ID of the form CVE-YYYY-NNNN, where YYYY is the year the ID was assigned and the sequence number has four or more digits. Scanner plugins reference CVE IDs so findings from different tools can be matched to the same underlying flaw. CVSS (Common Vulnerability Scoring System) assigns a numeric severity score from 0.0 to 10.0; in CVSS v3.x the qualitative bands are Critical (9.0–10.0), High (7.0–8.9), Medium (4.0–6.9), Low (0.1–3.9), and None (0.0). Scanners use CVSS to prioritize remediation — address Critical and High findings first.

Penetration testing vs vulnerability scanning: vulnerability scanning identifies and reports weaknesses without exploiting them. Penetration testing (ethical hacking) actively attempts to exploit vulnerabilities to prove they are real risks. Pen testing requires explicit written authorization.

Key exam facts — Network+

  • Authenticated scan: logs in, more complete; Unauthenticated: external view only
  • Nessus, OpenVAS, Qualys, Rapid7: common vulnerability scanners
  • CVE: public vulnerability database; CVSS 0–10 (9–10 Critical)
  • Vulnerability scanning: identifies weaknesses; pen testing: actively exploits them
  • Pen testing requires explicit written authorization — unauthorized testing is illegal
  • False positives: scanner reports a vulnerability that doesn't exist — verify before patching
  • Agent-based scanning: continuous, works offline; network scanning: periodic, agentless

Common exam traps

Vulnerability scanning is the same as penetration testing

Vulnerability scanning is automated identification of known weaknesses — it does not exploit them. Penetration testing is a deliberate, human-guided attempt to exploit vulnerabilities to prove real risk. Pen testing is more expensive, goes deeper, and requires explicit written authorization.

Practice questions — Vulnerability Scanning

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1. A security team runs a vulnerability scan and receives results showing 50 Critical and 200 High severity findings. Which should be addressed first?

A. Address High findings first — there are more of them
B. Address Critical findings first — highest CVSS score indicates greatest risk
C. Address findings alphabetically by CVE ID
D. Address the easiest findings first regardless of severity

Explanation: Critical vulnerabilities (CVSS 9.0–10.0) represent the highest risk — most likely to be exploited with the most severe impact. Remediation priority should follow CVSS score: Critical → High → Medium → Low. The number of vulnerabilities at each severity level doesn't change prioritization — one critical vulnerability may enable complete system compromise.
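The example below is added to show the CVE and CVSS points from the section above and the prioritization logic behind this question in working form; it is not code from the page or from any scanner. It parses a constructed CSV export, validates CVE ID syntax, maps each CVSS score to its v3.x severity band, and produces a remediation queue ordered by score rather than by how many findings share a severity. The export format, hosts (RFC 5737 documentation addresses) and finding names are constructed, and the CVE IDs are syntactic placeholders with a future year that do not refer to real advisories.

```python
import csv
import io
import re
from collections import Counter

# CVE identifier format: CVE-<four-digit year>-<four or more digits>.
CVE_ID_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# CVSS v3.x qualitative severity bands as (lower bound, label), checked from highest down.
SEVERITY_BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low"), (0.0, "None")]
SEVERITY_RANK = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "None": 4}

# Constructed scanner export (the CSV layout is illustrative, not a specific product's format).
# Hosts are RFC 5737 documentation addresses; the CVE IDs are placeholders with a future year.
SCAN_EXPORT = """host,port,finding,cvss,cve
192.0.2.10,22,Outdated SSH server (constructed),7.5,CVE-2099-99999
192.0.2.10,443,TLS 1.0 enabled (constructed),5.3,
192.0.2.20,445,SMB signing not required (constructed),5.3,
192.0.2.20,3389,Remote code execution in RDP service (constructed),9.8,CVE-2099-99998
192.0.2.30,8080,Default credentials on admin console (constructed),9.8,
192.0.2.30,22,Outdated SSH server (constructed),7.5,CVE-2099-99999
192.0.2.30,80,Directory listing enabled (constructed),5.3,cve-2099-1
"""


def is_valid_cve_id(cve_id: str) -> bool:
    """True only for the canonical upper-case CVE-YYYY-NNNN form."""
    return bool(CVE_ID_RE.match(cve_id))


def cvss_severity(score: float) -> str:
    """Map a CVSS base score to its qualitative band; reject scores outside 0.0-10.0."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    for floor, label in SEVERITY_BANDS:
        if score >= floor:
            return label
    return "None"


def parse_findings(export: str) -> list[dict]:
    """Read the CSV export into dicts, attaching the severity band and checking CVE syntax."""
    findings = []
    for row in csv.DictReader(io.StringIO(export)):
        score = float(row["cvss"])
        cve = row["cve"].strip()
        findings.append({
            "host": row["host"],
            "port": int(row["port"]),
            "finding": row["finding"],
            "cvss": score,
            "severity": cvss_severity(score),
            # Keep only well-formed CVE references; anything else is flagged as a data-quality problem.
            "cve": cve if is_valid_cve_id(cve) else None,
            "malformed_cve": cve if (cve and not is_valid_cve_id(cve)) else None,
        })
    return findings


def remediation_order(findings: list[dict]) -> list[dict]:
    """Highest CVSS first; ties broken by host then port so the queue is stable and reviewable."""
    return sorted(findings, key=lambda f: (-f["cvss"], f["host"], f["port"]))


def severity_summary(findings: list[dict]) -> dict[str, int]:
    """Count findings per band, ordered Critical -> None."""
    counts = Counter(f["severity"] for f in findings)
    return dict(sorted(counts.items(), key=lambda kv: SEVERITY_RANK[kv[0]]))


if __name__ == "__main__":
    findings = parse_findings(SCAN_EXPORT)
    print("findings by severity:", severity_summary(findings))
    for f in remediation_order(findings):
        if f["cve"]:
            ref = f["cve"]
        elif f["malformed_cve"]:
            ref = "MALFORMED:" + f["malformed_cve"]
        else:
            ref = "no CVE"
        print(f"{f['severity']:<8} {f['cvss']:>4}  {f['host']}:{f['port']:<5} {f['finding']}  [{ref}]")
```

The queue puts both 9.8 findings ahead of every 7.5 and 5.3 finding even though Medium is the largest group, which is the answer to Q1 in code. The lowercase "cve-2099-1" entry is surfaced as malformed rather than silently dropped, since a finding with a broken reference still needs a human to look at it.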

Frequently asked questions — Vulnerability Scanning

What is the difference between a vulnerability scanner and a port scanner?

A port scanner (for example Nmap) identifies open TCP/UDP ports on target systems — it tells you what services are listening and, with service detection enabled, what software version each one reports. A vulnerability scanner identifies security weaknesses in those services — outdated versions, misconfigurations, missing patches, and known CVEs. A vulnerability scanner uses port scanning as its discovery step, then performs detailed fingerprinting and vulnerability checks on each discovered service.
