AnsweredAssumed Answered

Authenticated scan permissions (Windows domain)

Question asked by Jerod Brennen on Jan 22, 2014
Latest reply on Jan 22, 2014 by jkent

If you receive pushback from Windows admins about creating a new domain admin for QualysGuard authenticated scans, what permissions can they grant to a service account to provide you with almost the same level of detail in your scan results?

 

According to the QualysGuard help page, the scanner needs read-only access to:

 

  • Target systems’ registry
  • Target systems’ administrative file shares (C$, admin$, fax$, ipc$, print$, sysvol, netlogon)
  • Target system’s running services

 

What am I missing (if anything)?

Outcomes