What does a network vulnerability assessment intend to identify?

What does a network vulnerability assessment intend to identify?

A.
0-day vulnerabilities

B.
Malicious software and spyware

C.
Security design flaws

D.
Misconfiguration and missing updates

Explanation:
A network vulnerability assessment intends to identify known vulnerabilities based on common misconfigurations and missing updates. 0-day vulnerabilities by definition are not previously known and therefore are undetectable. Malicious software and spyware are normally addressed through antivirus and antispyware policies. Security design flaws require a deeper level of analysis.