Do you recommend excluding anything from a scan?

ANSWER No.

Many network administrators attempt to pick and choose which systems they should include in an assessment; however, we strongly recommend each organization include every system within their network

Many devices come with configuration settings that may put your network at risk a lot more than you could imagine. For example, many administrators don't believe that printers are necessary to be included as part of a penetration test. However, there have been many cases of penetration testers getting domain administrator access by just simply redirecting LDAP on a printer to their system because the printer was not configured to use any strong, complex authentication credentials.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!