Option | Description |
|
|
Do not perform application fingerprinting | Does not try to specifically identify which |
| applications are communicating over which |
| ports, and runs the checks as selected in the |
| Assessment policy. |
| This option does not identify applications |
| communicating over |
| (Checks are run against standard ports as |
| defined in the Network Services policy.) |
|
|
Fingerprint applications and run checks | Identifies applications communicating over |
that apply to application protocol (e.g., | specific ports, and then runs checks that |
http) | apply to the protocol in use. |
| This option identifies applications |
| communicating over |
|
|
Fingerprint applications and run checks | Identifies applications communicating over |
that apply to specific application (e.g., | specific ports, and then runs checks that |
apache) | apply only to the application identified. |
| This option identifies applications |
| communicating over |
|
|
11.The settings in the Account Verification section apply only if an Assessment Credentials policy is available for the group being scanned.
Option | Description |
|
|
Verify account access level before using | v If disabled, Enterprise Scanner assumes |
| that whatever is specified in the |
| Assessment Credentials policy is accurate. |
| v If enabled, Enterprise Scanner tries to |
| confirm that the access level specified in |
| the Assessment Credentials policy is |
| correct. |
| Important: You should enable the Check |
| local group membership to verify access |
| level if you enable account verification. |
|
|
Access domain controllers to verify access | v If disabled, Enterprise Scanner does not |
level | communicate with a Domain Controller in |
| |
| the process of verifying access levels. |
| v If enabled, Enterprise Scanner tries to |
| communicate with a Domain Controller in |
| the process of verifying access levels. |
|
|
Check local group membership to verify | v If disabled, Enterprise Scanner does not |
access level | try to confirm the access level for the |
| |
| account during assessment by checking |
| which local groups the asset belong to. |
| v If enabled, Enterprise Scanner tries to |
| confirm the access level for the account |
| during assessment by checking which |
| local groups the asset belong to. |
|
|
12.Configure the options for locking out accounts in the Account Lockout Control section:
