430T2DQ1.

The Best Writers430 Topic 2 DQ 175 to 100 wordsAfter conducting a vulnerability scan, an organization can identify and remediate the configuration failures in their infrastructure. Once hardened, secured, patched, and in compliance, why is it important to continue conducting vulnerability scans on a periodic basis? Explain what could have changed from previous scans.Reply to responses 50-75 wordsA JacobToday’s world is always changing, and it does not hold your hand when these changes are done, the same goes for technology and cyber threats. It is important to understand that these changes can happen overnight and that you must do your best to stay one step ahead of potential threats that are out there. An important key to these changes is the people that make the software that the changes usually come from. Attackers understand that people are the ones that make the changes and with this comes mistakes, now it is time for the attackers to exploit these mistakes. “Cybercriminals only need to find one unpatched flaw in your security armour to leverage a fully-fledged cyber-attack.” (Frizzell, 2021) By utilizing vulnerability scans monthly, you can identify these holes in your applications and patch them before the attackers can use them to their advantage. We as IT professionals need to preserve our networks and applications to ensure that we are not allowing holes so that anyone else can find them.B ShaunaIt is important to test scans on a periodic basis due to the fact of the things that could possibly change from each scan. There are two approaches to vulnerability scanning: authenticated and unauthenticated scans. In the unauthenticated method, the tester performs the scan as an intruder would, without trusted access to the network. Such a scan reveals vulnerabilities that can be accessed without logging into the network. In an authenticated scan, the tester logs in as a network user, revealing the vulnerabilities that are accessible to a trusted user, or an intruder that has gained access as a trusted user. Both types of scans are recommended for businesses to obtain an overview of their security effectiveness. Experts recommend that vulnerability scans should be performed at least quarterly, especially after new equipment is loaded or the network undergoes significant changes. The scans will detect if your equipment is compromised such as missing patches and outdated protocols, certificates, and services.Porter, O. M. C. R. (2019, January 25). The importance of vulnerability scans. Partnered Solutions IT. Retrieved March 16, 2022, from https://partneredsolutionsit.com/importance-of-vulnerability-scans/ REPLYC CodyA vulnerability scan is conducted by organizations so that they can identify weaknesses in their network. After identifying weaknesses, also called vulnerabilities, the organization may then go on to remediate all of the weaknesses or only the areas where the most damage will be done. Each vulnerability scan is unique in that it contains a certain set of known methods to find vulnerabilities. These methods may consist of figuring out if a system has a certain protocol, library, or some type of vulnerable, legacy component in use. Or the vulnerability scanner may use the same methods that major exploits use but in a non malicious manner. This means that instead of making a system download a virus or connect back to an infected system through the use of an existing exploit, instead the exploit may just be used to pop up a warning dialogue box or something non-malicious along these lines. Since each exploit is different and uses different techniques, vulnerability scanners are constantly updated in order to find new vulnerabilities within an organization’s IT systems. This is why an organization will benefit the most from periodic or frequent vulnerability scans. For example, if an organization does a vulnerability scan today but then a new vulnerability comes out in a couple days, then this company may be vulnerable to this new threat until the next time they do a vulnerability scan and figure out a way to mitigate this new vulnerability. Bad hackers only need the vulnerability to be present for one day to do damage against an organization. This is why frequent vulnerability scans are beneficial to catch and remediate vulnerabilities as soon as possible.