🔥 3-day streak
CompTIA PenTest+ (PT0-003)92 / 175
Question 92 of 175

During an internal engagement, you run both an unauthenticated and a credentialed OpenVAS scan against the same Windows workstation. The unauthenticated scan reports a critical remote code execution vulnerability in an outdated version of a service, but the credentialed scan does not list that finding at all. Local patch records confirm the relevant update was installed last month. Which conclusion best explains the discrepancy, and what should you do?

Reviewed for accuracy · Report an issueNext question