Question & Answer
Question
In QVM, you can configure Scan Profiles to specify how and when your network assets are scanned for vulnerabilities. Scan Profiles in turn use Scan Policies, which provide you with a central location to configure specific scanning requirements. You can use scan policies to specify scan types, ports to be scanned, vulnerabilities to scan for and scanning tools to use. More information on Scan Policies and Scan Profiles, can be found in the Scan Configuration section of the product documentation.
Some scanning tools run a brute-force attack on the target system. While it is expected of a tool that tests for vulnerabilities, it can also lead to administrative accounts to be locked out. For example, the "mssql - sa checksa check" tool attempts to log in to a Microsoft SQL Server by using four default users and ten common passwords. The "sa" user is part of that user list and could be locked out due to excessive login attempts. Under such circumstances, some organizations might choose to disable the tool.
This article explains how a certain scanning tool can be disabled.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSHLPS","label":"IBM Security QRadar Vulnerability Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version","Edition":" ","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Product Synonym
QVM
Was this topic helpful?
Document Information
Modified date:
21 March 2024
UID
ibm16202766