The issue is that laptops are often off-network (traveling), causing inaccurate network-scan metrics and slower detection. The best way to reduce MTTD (mean time to detect vulnerabilities) for roaming endpoints is agent-based scanning, because agents run continuously on endpoints and can still scan/report results even when devices are not connected to the corporate network.
Exact extract (All-in-One Exam Guide):
“Because the agents run continuously on each host, mobile devices can still be scanned even when they are not connected to the corporate network.”
It further emphasizes suitability for mobile devices:
Exact extract (All-in-One Exam Guide):
“agent-based (or serverless) vulnerability scans are typically better for scanning mobile devices.”
And Sybex Practice Tests directly supports this scenario (traveling sales laptops) by selecting agent-based scanning as best for accurate config visibility on traveling laptops:
Exact extract (Sybex Practice Tests):
“…most accurate view of configuration issues on laptops belonging to traveling salespeople. Which technology will work best…? A. Agent-based scanning”
Why the other options don’t solve the “traveling laptops” problem:
B (credentialed scans): improves depth/accuracy when the device is reachable, but does nothing when laptops are offline/not on the network.
D (increase runtime): waiting longer doesn’t reduce MTTD; it just delays reporting and still won’t scan an off-network device.
References (CompTIA CySA+ CS0-003 documents / study guides used):
Mya Heath et al., CompTIA CySA+ All-in-One Exam Guide (CS0-003): agents scan continuously; mobile devices can be scanned off-network; agent-based better for mobile devices
Chapple/Seidl, CompTIA CySA+ Practice Tests (CS0-003): agent-based scanning best for traveling laptop scanning accuracy
