Which of the following types of scans did the tester use to identify the libraries?

A tester performs a vulnerability scan and identifies several outdated libraries used within the customer SaaS product offering.

Which of the following types of scans did the tester use to identify the libraries?
A . IAST
B . SBOM
C . DAST
D . SAST

View Answer

Answer: D

Explanation:

kube-hunter is a tool designed to perform security assessments on Kubernetes clusters. It identifies various vulnerabilities, focusing on weaknesses and misconfigurations.

Here’s why option B is correct:

Kube-hunter: It scans Kubernetes clusters to identify security issues, such as misconfigurations, insecure settings, and potential attack vectors.

Network Configuration Errors: While kube-hunter might identify some network-related issues, its primary focus is on Kubernetes-specific vulnerabilities and misconfigurations.

Application Deployment Issues: These are more related to the applications running within the cluster, not the cluster configuration itself.

Security Vulnerabilities in Docker Containers: Kube-hunter focuses on the Kubernetes environment rather than Docker container-specific vulnerabilities. Reference from Pentest:

Forge HTB: Highlights the use of specialized tools to identify misconfigurations in environments, similar to how kube-hunter operates within Kubernetes clusters​.

Anubis HTB: Demonstrates the importance of identifying and fixing misconfigurations within complex

environments like Kubernetes clusters​.

Conclusion:

Option B, weaknesses and misconfigurations in the Kubernetes cluster, accurately describes the type

of vulnerabilities that kube-hunter is designed to detect.