Which of the following best describes what compliance scanning does?

Compliance scanning primarily focuses on ensuring that an organization adheres to specific regulations, standards, and policy requirements. This type of scanning evaluates the security controls and configurations in place against established benchmarks or frameworks, such as PCI DSS, HIPAA, or ISO 27001. By doing so, organizations can confirm that they are meeting the mandatory requirements that govern their industry, thus mitigating the risk of non-compliance which could lead to penalties or breaches in data security.

Moreover, compliance scanning typically involves automated tools that assess systems for compliance with these policies, checking configurations and settings against predefined standards. This is crucial not just for regulatory adherence but also for maintaining a strong security posture.

In contrast, identifying vulnerabilities within a network is more aligned with vulnerability scanning, which focuses on discovering security weaknesses rather than verifying compliance with policies. Recording network traffic pertains to packet capture or network monitoring, which does not evaluate compliance status. Testing application code for backdoors involves security testing focused on development rather than compliance with operational policies.