Which statement best describes Nikto's scanning scope?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which statement best describes Nikto's scanning scope?

Explanation:
Nikto’s scanning scope is focused on identifying well-known, publicly documented vulnerabilities and server misconfigurations, not bespoke or custom application flaws. It operates by comparing the server’s responses against a large database of known issues, such as outdated server versions, default files, and common misconfigurations, rather than hunting for unknown or zero-day vulnerabilities. It also targets server-side concerns rather than client-side scripting issues like JavaScript or HTML vulnerabilities. Because of that, describing its scope as checking for well-known flaws, not custom app flaws, best matches how Nikto is designed to function.

