Although there are several ways to mitigate BEAST, we are currently testing for one of them -- forced use of RC4 ciphers. Our test looks for two conditions: 1) server must choose cipher suites and 2) servers must choose RC4 if offered.
Are you performing the same test on the Vuln Scan side for QID 90741? I notice this is an Authenticated Only detection so I'm assuming something must be different. Can you provide details on QID 90741detection as well?