If you receive pushback from Windows admins about creating a new domain admin for QualysGuard authenticated scans, what permissions can they grant to a service account to provide you with almost the same level of detail in your scan results?
According to the QualysGuard help page, the scanner needs read-only access to:
- Target systems’ registry
- Target systems’ administrative file shares (C$, admin$, fax$, ipc$, print$, sysvol, netlogon)
- Target system’s running services
What am I missing (if anything)?