A credentialed vulnerability scan requires authenticated access to the target system to perform a comprehensive analysis of patch levels, local configurations, file permissions, and registry settings. For an Active Directory domain controller, the scanner needs high-level privileges to access protected system resources. A Domain Administrator account has the necessary permissions to read all required configuration details on a domain controller, ensuring the scan is thorough and accurate. While the principle of least privilege is a critical security concept, in this context, administrative-level access is required for the tool to function effectively.

A. Read-only: A read-only account would lack the necessary permissions to access critical system areas like the Windows registry, security logs, or protected system files, leading to an incomplete and inaccurate scan.

C. Local user: A local user account on a domain controller has insufficient privileges for a system-wide assessment and is not the standard account type used for administrative tasks on such a server.

D. Root: The "root" account is the superuser for Unix/Linux-based operating systems and is not an applicable account type for a Windows Active Directory server.

---

1. National Institute of Standards and Technology (NIST). (2008). Technical Guide to Information Security Testing and Assessment (NIST Special Publication 800-115). Section 4.3.2

"Vulnerability Scanning

" p. 4-10.

The document states

"...administrative or root-level access may be needed to perform a complete scan of all system software and settings." This supports the necessity of high-level privileges for a comprehensive assessment.

2. Microsoft. (2021). Securing a Remote WMI Connection. Microsoft Docs.

Official documentation for Windows Management Instrumentation (WMI)

a technology heavily used by scanners

specifies that access to many administrative and security-related WMI namespaces requires the user to be a member of the Administrators group. This confirms that administrative privileges are a technical requirement for deep system inspection.

3. Karlsson

D.

& Shahmehri

N. (2011). A Study on the Effectiveness of Vulnerability Scanners. University of Skövde

School of Technology and Society. DIVA-2011:151

p. 15.

In this academic study on vulnerability scanning

the methodology section notes: "The authenticated scans were performed by providing the scanners with administrator credentials for the Windows machine..." This highlights the standard academic and research practice of using administrative credentials for effective authenticated scanning.