Definition: The phrase Security Scan, as it relates to information assurance, can have several meanings. One meaning relates to what an anti-virus software package, for example, does when searching for known virus signatures. An infrastructure owner might also have a third-party perform a “white hat hack” on the information system to determine if any vulnerabilities exist. Another meaning relates to the idea of a malicious outsider who is conducting a reconnaissance mission related to the information infrastructure to determine if any unauthorized entry points exist in the system.
A security scan can be the active discovery of how far a WiFi signal broadcasts in a network. A security scan can also be conducted to determine if any illicit electromagnet devices are operating.
Its Relevance: Owners of computers and computer networks need to be proactive when it comes to protecting information systems. Using a structured approach to actively examine a system for weaknesses is one way to prevent problems. These activities must also be spelled out in the organization’s policies and procedures.