Which type of scanning involves assessing endpoints with vulnerability assessment software and may involve providing credentials to see inside the device or application?

Active scans are a critical part of vulnerability assessment, as they involve using specialized software to evaluate the security of endpoints, such as devices, applications, and networks. During an active scan, the assessment tool actively sends requests to the endpoints to probe for vulnerabilities. This can include actions like checking for open ports, outdated software, or misconfigured settings.

One significant advantage of active scanning is that it can provide deeper insights into a system's vulnerabilities by potentially utilizing credentials. When credentials are provided, the scanning tool can gain access to more detailed information within the device or application, allowing for a thorough examination of the environment. This level of access is essential for identifying vulnerabilities that may not be visible without authenticated access.

Additionally, active scans are distinct from passive scans, where the assessment focuses on monitoring the system without actively probing it. Passive scans do not involve sending requests; instead, they observe the network traffic and analyze the data passively. Therefore, active scanning is more comprehensive in identifying vulnerabilities that could be exploited by attackers.