There are two types of scans, credentialed and non-credentialed. Let's look at these in turn:
- Non-Credentialed: A Non-Credentialed scan will monitor the network and see any vulnerabilities that an attacker would easily find; we should fix the vulnerabilities found with a Non-Credentialed scan first, as this is what the hacker will see when they enter your network. For example, an administrator runs a Non-Credentialed scan on the network and finds that there are three missing patches. The scan does not provide many details on these missing patches. The administrator installs the missing patches to keep the systems up to date as they can only operate on the information produced for them.
- Credentialed scan: A Credentialed scan is a much safer version of the vulnerability scanner. It provides more detailed information than a Non-Credentialed...