What type of vulnerability scan accesses configuration information from the systems it is run against as well as information that can be accessed via services available via the network?

Authenticated scans use a read-only account to access configuration files, allowing more accurate testing of vulnerabilities. Web application scans, unauthenticated scans, and port scans don't have access to configuration files unless they are inadvertently exposed.