Vulnerability quiz: Question No. 7
A host-based vulnerability assessment tool is...
B. An agent-based product that reviews configurations and file system settings.
A host-based vulnerability product has agents on the systems that it is monitoring. Instead of just scanning the open ports on a system and the reactions of the services listening on the system, there is a piece of software performing command-line operations and making requests to APIs. For example, an exterior scan can indicate that port 21 is open on a system and identify the version of the FTP server software, but an agent can dig deeper and actually identify the patch level of the FTP daemon itself. It is not an IDS product and cannot review network traffic.